"Dave CROCKER" <dhc(_at_)dcrocker(_dot_)net> wrote:
On 10/12/2010 11:21 AM, Murray S. Kucherawy wrote:
-1; I like the wording that's there.
Concur; -1 on the change. I furthermore submit that we are compelled to
describe the known "attack", as that's precisely what we are supposed to
include in Security Considerations.
We should keep in mind that DKIM's job is to deliver a validated domain name.
I
believe none of the "attacks" that have been discussed have anything to do
with
that task. Instead, they pertain to other forms of attack on perceived
message
content validity, which is entirely outside of DKIM's scope.
Seriously.
-1. Seriously.
DKIM also attempts to provide assurance that content is unmodified. Without
that the identity assurance is meaningless.
Scott K
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html