On Thu, 8 Nov 2007, Hector Santos wrote:
>> How can an attacker add t=y to a signature? That only exists in keys and
>> policies.
>
> They can make themselves look like cisco.com or any other HV domain and
> with the obvious failure and t=y, how will verifiers react to this?

What you originally said was "all they have to do is add t=y". I assume
you mean "they" is "the attackers". How would an attacker add "t=y" to a
policy record and then take advantage of it?

The rest of your points about the exposure "t=y" in a published SSP record
may be valid, but I remain confused about this point and it seems to be
the premise of your attack.

_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html