ietf-dkim

Re: [ietf-dkim] The purpose of an existence/validity check

2008-05-29 03:43:29
On Wed, 28 May 2008 20:44:17 +0100, Dave Crocker <dhc(_at_)dcrocker(_dot_)net> wrote:

We *want* different reputations for transactions.paypal.com and
newsletter.paypal.com and corporate.paypal.com.  Remember that these names
that are used to sign with DKIM are voluntarily chosen by the signer.

In that case, paypal.com can easily publish a strong ADSP record for
transactions.paypal.com and weaker ADSP records for newsletter.paypal.com
and corporate.paypal.com. The important thing is to ensure that
non-existent(_at_)paypal(_dot_)com is treated as strong rather than as weak. If we
don't protect that domain, then every phisher on the planet will promptly
use it.

-- 
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131      Web: http://www.cs.man.ac.uk/~chl
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk      Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9      Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
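
The policy split argued for in the message above, as an added example that is not part of the original post or of any DKIM implementation: a receiver-side sketch that checks the author domain exists before reading its ADSP record, and treats a nonexistent name as strong. The record contents, the mapping of "strong"/"weaker" to the RFC 5617 values `discardable`/`all`, the name `no-such-name.paypal.com`, and the action labels are assumptions made for the example.

```python
# Constructed toy DNS view; these are sample records, not real published data.
EXISTING = {"paypal.com", "transactions.paypal.com",
            "newsletter.paypal.com", "corporate.paypal.com"}
ADSP_TXT = {  # RFC 5617 puts the policy at _adsp._domainkey.<author domain>
    "_adsp._domainkey.transactions.paypal.com": "dkim=discardable",  # "strong"
    "_adsp._domainkey.newsletter.paypal.com": "dkim=all",            # "weaker"
    # corporate.paypal.com exists but publishes no ADSP record
}
PRACTICES = ("unknown", "all", "discardable")


def adsp_lookup(author_domain):
    """Return 'nxdomain' or the published ADSP practice for the domain."""
    name = author_domain.lower().rstrip(".")
    if name not in EXISTING:          # existence check comes first
        return "nxdomain"
    txt = ADSP_TXT.get("_adsp._domainkey." + name)
    if txt is None:
        return "unknown"              # no record means no stated practice
    tags = {}
    for part in txt.split(";"):       # tag=value pairs separated by ';'
        key, sep, value = part.partition("=")
        if sep:
            tags[key.strip()] = value.strip()
    practice = tags.get("dkim", "unknown")
    return practice if practice in PRACTICES else "unknown"


# Assumed receiver actions (hypothetical labels chosen for this example).
# A nonexistent author domain gets the same handling as the strongest policy,
# so an unpublished name cannot be used to escape the parent's protection.
ACTION = {"nxdomain": "discard", "discardable": "discard",
          "all": "suspicious", "unknown": "no-policy"}


def handle(author_domain, has_valid_author_signature):
    """Decide handling for a message given its author domain and DKIM result."""
    if has_valid_author_signature:
        return "accept"
    return ACTION[adsp_lookup(author_domain)]


if __name__ == "__main__":
    for d in sorted(EXISTING) + ["no-such-name.paypal.com"]:
        print(d, "->", adsp_lookup(d), "->", handle(d, False))
```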
