Murray S. Kucherawy wrote:
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Charles
Lindsey
Sent: Monday, October 18, 2010 4:24 AM
To: DKIM
Subject: Re: [ietf-dkim] layer violations, was detecting header mutations
after signing
Irrelevant for the current discussion.
On the contrary, that is precisely the attack of interest, so it is
supremely relevant. You claim it can be thwarted by other means, but have
failed to explain exactly how those "other means" would work.
On the contrary, none of this is within the prescribed scope of DKIM. ADSP
and reputation (the latter of which is explicitly out of scope) are
predicated on DKIM's output, not part of its input or its mechanics.
From an IETF "standpoint" it might not be, but from an engineering
standpoint, I beg to differ.
These topics are distractions from the effort of solidifying the DKIM
specification for advancement along the standards track. That's what I
believe he means by "irrelevant for the current discussion".
We need to stop blaming others. Borrowing an old QA engineering motto:
"Getting it Right..... The First Time!"
Otherwise, you get what you have today. Note, that is not about
"perfection," but rather proper engineering to minimize customer
issues even it if means a little more upfront cost.
In my view, a good bit of the issue was manifested by the on-going out
of scope design considerations with a) defocusing of Policy and b)
greater allowance for unrestricted resigners and participants were
providing
input that there was an engineering problem with this.
--
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html