RE: Fwd: Re: [ietf-dkim] I-D Action:draft-ietf-dkim-ssp-00.txt2007-06-29 12:07:19The downgrade attack is not addressed in the security recommendations. Regardless of whether the group thinks that the attack is out of scope the group must either: 1) Provide a mechanism that allows the attack to be prevented. 2) Understand the problem well enough to write a security considerations section. The first is much easier than the second. _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
|
|