ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] draft-vesely-dkim-joint-sigs

2010-09-18 13:18:14
from [John R. Levine] [Permanent Link] 
I wonder why the idea of binding messages' signatures to their
destination domains hasn't been considered before.  As Ian pointed
out, this would limit replay attacks to a single destination domain.


It's certainly come up before.
As I recall, the usual conclusion is that it breaks far more things than it solves, since forwarding is quite common, and abusive replay of legitimate messages is quite rare. 

R's,
John

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] draft-vesely-dkim-joint-sigs, Alessandro Vesely
Next by Date:  Re: [ietf-dkim] draft-vesely-dkim-joint-sigs, Hector Santos
Previous by Thread:  Re: [ietf-dkim] draft-vesely-dkim-joint-sigs, Alessandro Vesely
Next by Thread:  Re: [ietf-dkim] draft-vesely-dkim-joint-sigs, Hector Santos
Indexes:  [Date] [Thread] [Top] [All Lists]