Charles Lindsey:
On Thu, 01 Mar 2007 13:44:21 -0000, Wietse Venema
<wietse(_at_)porcupine(_dot_)org>
wrote:
On a friendly internet with only cooperating parties, this might
make sense. But the world has changed. With today's internet it
would be a fundamental mistake to make more distinctions than:
the signature was verified
other
If the verifier gives different treatments to different types of
"other", then the bad guys will exploit the verifier's behavior.
And how do you stop verifiers doing that?
There is no cure for stupidity, but I can try to educate.
Verifiers will do as they think fit (i.e. what their clients will pay
for), whatever our standards say. If some likely (though deprecated)
verifier behaviour leads to exploits by the Bad Guys, and there is an easy
way to counter the exploit (e.g. by clearer information in the SSP), then
it would be wise to dopt it.
"Defence in depth" is the term, I believe.
SSP is not a cure for exploitable verifiers.
"Wrong solution for the wrong problem" is the term, I believe.
Wietse
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html