Barry Leiba wrote:
1. Crypto suite X had been seriously cracked, such that an attacker
could, at least in some cases, create a valid suite-X signature on his
Is there any experiential basis to motivate our having to worry about this
attack vector? In other words, do we have good reason to believe that this
threat vector is significant?
Is there a history of worrying about this attack vector, among other efforts to
do standards work with similar technology? In other words, are we the only
ones
worrying about it, or is this a common concern amongst experts?
Is the mechanism for "protecting" against this attack vector in DKIM anything
like the mechanisms used in those other, similar technologies? In other words,
if other experts have worked on this, have they solved in a similar way?
If the above 3 questions do not have a clear "yes" answer, then we ought to
treat DKIM's effort on this topic as highly suspect.
Anything other than 3 yes' means that we're attempted to solve a problem that
other experts do not see as a problem, or that they have not tried to solve
before or that they have solved in a different way. In other words, to some
potentially high degree, we are hanging out entirely on our own.
My own sense of security work by a crew of folk that have some security
expertise, but is not dominated by it, is that it should aggressively avoid
being creative...
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html