ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] layer violations, was detecting header mutations after signing

2010-10-14 12:33:15
On 10/14/2010 10:15 AM, John R. Levine wrote:
If you really think this is such a great big problem, maybe you should be
banging the drums at MAAWG or other venues where the correct set of ears
is potentially listening.

I would rather not have to run a session at MAAWG entitled "How to fix the
security holes in DKIM", but I certainly could.

Am I really the only person who wants to be able to whitelist mail signed
with known good signatures, drop it into user inboxes and expect
reasonable results with existing MUAs?

I would hope so because this would be a really stupid thing to do.
Without the next line of defense -- virus, malware, spam, phishing --
you'd be setting your users up for big problems. Just because it's
DKIM signed from a good source doesn't mean it's not still evil.

That's why all of this hand wringing is silly.

Mike
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>