Re: [ietf-dkim] Data integrity claims

ietf-dkim

Re: [ietf-dkim] Data integrity claims

2010-10-17 20:24:58

Don't think of DKIM as being inviolate offering only a disjointed 
sacrosanct identifier.  DKIM process must also guard against the 
exploitation of its results


+1

By DKIM process, I would include anything cognizant of DKIM upto but
not including the MUA. Mike's secret sauce would count here, eg.

I for one would have dumb sauce. Perhap prefixing unsigned headers
with "DKIM-hidden-" such that only DKIM aware MUAs will render
original unsigned content.

As others have said, there is nothing between DKIM and the MUA that
prevent DKIM exploitation so who is going to solve that problem if not
us?


Mark.
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [ietf-dkim] sophistry is bad, was Data integrity claims, (continued) Re: [ietf-dkim] sophistry is bad, was Data integrity claims, Rolf E. Sonneveld Re: [ietf-dkim] sophistry is bad, was Data integrity claims, MH Michael Hammer (5304) Re: [ietf-dkim] Data integrity claims, Dave CROCKER Re: [ietf-dkim] yet more sophistry, was Data integrity claims, John R. Levine Re: [ietf-dkim] yet more sophistry, was Data integrity claims, Alessandro Vesely Re: [ietf-dkim] sophistry is bad, was Data integrity claims, Scott Kitterman Re: [ietf-dkim] sophistry is bad, was Data integrity claims, Michael Thomas Re: [ietf-dkim] sophistry is bad, was Data integrity claims, Murray S. Kucherawy Re: [ietf-dkim] sophistry is bad, was Data integrity claims, Scott Kitterman Re: [ietf-dkim] Data integrity claims, Douglas Otis Re: [ietf-dkim] Data integrity claims, Mark Delany <= Re: [ietf-dkim] Data integrity claims, Murray S. Kucherawy Re: [ietf-dkim] Data integrity claims, MH Michael Hammer (5304) Re: [ietf-dkim] Data integrity claims, Murray S. Kucherawy Re: [ietf-dkim] Data integrity claims, MH Michael Hammer (5304) Re: [ietf-dkim] Data integrity claims, Murray S. Kucherawy Re: [ietf-dkim] Data integrity claims, MH Michael Hammer (5304) Re: [ietf-dkim] Data integrity claims, Douglas Otis Re: [ietf-dkim] Data integrity claims, Murray S. Kucherawy [ietf-dkim] Invalid RFC5322 related DKIM Implementation requirements, Hector Santos Re: [ietf-dkim] Data integrity claims, Douglas Otis

Previous by Date:	Re: [ietf-dkim] Data integrity claims, Douglas Otis
Next by Date:	Re: [ietf-dkim] yet more sophistry, was Data integrity claims, Alessandro Vesely
Previous by Thread:	Re: [ietf-dkim] Data integrity claims, Douglas Otis
Next by Thread:	Re: [ietf-dkim] Data integrity claims, Murray S. Kucherawy
Indexes:	[Date] [Thread] [Top] [All Lists]