RE: [ietf-dkim] NEW ISSUE: SSP threats analysis needed

ietf-dkim

RE: [ietf-dkim] NEW ISSUE: SSP threats analysis needed

2007-12-12 18:42:39

Dave Crocker wrote:

    In spite of having a requirements document, the current SSP
specification is not based on a coherent threats model.
In fact working group participants have been demonstrating quite a
large variance in the threats they think relevance.
SSP cannot reach consensus unless there is first consensus about the
problems it is trying to solve.


+1


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[ietf-dkim] NEW ISSUE: SSP threats analysis needed, Dave Crocker RE: [ietf-dkim] NEW ISSUE: SSP threats analysis needed, J D Falk <=

Previous by Date:	RE: threat modeling & use cases (was RE: [ietf-dkim] Tracing SSP'sparadigm change, J D Falk
Next by Date:	RE: [ietf-dkim] NEW ISSUE: SSP applies only to receive-side filtering engine and not end-users, J D Falk
Previous by Thread:	[ietf-dkim] NEW ISSUE: SSP threats analysis needed, Dave Crocker
Next by Thread:	[ietf-dkim] NEW ISSUE: replace use of term "suspicious", Dave Crocker
Indexes:	[Date] [Thread] [Top] [All Lists]