Question about fenton-identified-mail-01



in section 9.1.1 an attack is considered where all the email addresses are
spoofed and sent to many locations to cause an DOS attack on the key server.
I have been thinking about this a bit, and given the magnification of
mailing lists, it seems this might be a practical attack.

Say there were a bunch of list servers that did not check signatures. The
attacker sends a message that is spoofed from flufffy(_at_)cisco(_dot_)com to 
say a
10^3 lists that magnifies it to say 10^6 messages which all result in a hit
to the cisco.com KRS.

I'm not sure if this is a problem or not, perhaps they will skew enough to
smooth out over a reasonable time. Perhaps the keys users on the lists will
correlate enough that caching ends up significantly reducing the hits to the
KRS.

Thoughts?

<Prev in Thread]	Current Thread	[Next in Thread>
Question about fenton-identified-mail-01, Cullen Jennings <= Re: Question about fenton-identified-mail-01, domainkeys-feedbackbase01 Re: Question about fenton-identified-mail-01, Michael Thomas Re: Question about fenton-identified-mail-01, domainkeys-feedbackbase01 Re: Question about fenton-identified-mail-01, Michael Thomas Re: Question about fenton-identified-mail-01, Miles Libbey Re: Question about fenton-identified-mail-01, Michael Thomas Re: Question about fenton-identified-mail-01, Andrew Newton Re: Question about fenton-identified-mail-01, Jim Fenton Re: Question about fenton-identified-mail-01, Jim Fenton Re: Question about fenton-identified-mail-01, domainkeys-feedbackbase01

Previous by Date:	RE: Date for BOF at IETF 61, Robert Barclay
Next by Date:	Re: Question about fenton-identified-mail-01, domainkeys-feedbackbase01
Previous by Thread:	Date for BOF at IETF 61, Robert Barclay
Next by Thread:	Re: Question about fenton-identified-mail-01, domainkeys-feedbackbase01
Indexes:	[Date] [Thread] [Top] [All Lists]