Man, this horse still isn't dead.
First of all, this is a gross mischaracterization of what was in the
document. It was NEVER a tree walk
It was a one level tree walk, but it's gone now, never to return, so that
hardly matters.
Although I believe that there is at least one large vendor of network
equipment whose DNS tree is very flat, that's not true in general, and
there are plenty of large systems whose DNS tree is more than two
levels deep.
That doesn't matter. If there are more levels they are doubtless *orders* of
magnitude less than the total number of host names.
Perhaps. It sounds like you're saying that this is a problem that is very
important to solve, but not so important as to be worth putting
incrementally more effort into tool development. That doesn't strike me
as a very strong argument.
It's your-representative(_at_)unprotectedhostname(_dot_)bank(_dot_)com -
where
"your-representative" is actually your representative. We can and should
protect from that.
You're just reasserting the same implausible claim. This is part of the
lookalike problem, and no amount of ADSP will solve that.
ADSP might be of some use against exact name forgery, not lookalike
forgery.
If the bank has ADSP for mail from joe(_dot_)smith(_at_)bigbank(_dot_)com, bad
guys might
send phishes from joe(_dot_)smith(_at_)www(_dot_)bigbank(_dot_)com, but they're
at least as
likely to phish from joe(_dot_)smith(_at_)bigbanque(_dot_)com or
joe(_dot_)smith(_at_)bigbank(_dot_)rbn(_dot_)ru(_dot_)
Name any large bank, and I will show you hundreds if not thousands of
registered lookalike domains they don't control, along with quite a lot of
lookalike domains they do control. Nobody can tell from the outsde which
lookalikes are legit, so the only reasonable response to phish forgery is
to whitelist the small set of real addresses.
Any solution to the lookalike problem that purports to work by putting a
black mark on all the lookalikes is doomed to failure. I don't see any
point in complicating ADSP to at best make it a little easier to put the
black marks on a modest subset of the lookalikes.
R's,
John
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html