ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] Final update to 4871bis for working group review

2011-07-08 00:44:09
from [Murray S. Kucherawy] [Permanent Link] 
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org 
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Douglas Otis
Sent: Thursday, July 07, 2011 6:47 PM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] Final update to 4871bis for working group review

Unfortunately, the norm is not to make these checks because only DKIM
invites the possible exploit.  DKIM MUST accept the role of preventing
the exploit it invites.


This is logically equivalent to saying SSL or TLS has to ensure the validity of 
the payload it is securing, because since that payload has been secured, people 
will assume it's also valid.  Will you be taking your fight to the TLS working 
group as well, then?

Otherwise, this is merely a repetition of the same argument that got us the 
DISCUSS in the first place.  One might even call it a replay attack...

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] Final update to 4871bis for working group review, Douglas Otis
Next by Date:  Re: [ietf-dkim] Final update to 4871bis for working group review, Charles Lindsey
Previous by Thread:  Re: [ietf-dkim] Final update to 4871bis for working group review, Douglas Otis
Next by Thread:  Re: [ietf-dkim] Final update to 4871bis for working group review, McDowell, Brett
Indexes:  [Date] [Thread] [Top] [All Lists]