ietf-mailsig
[Top] [All Lists]

Re: nowsp considered harmful

2005-07-22 16:37:39

Nathaniel Borenstein wrote:

A side note: I absolutely can't bring myself to care if DKIM is vulnerable to "vandalism" in the form of corrupting sabotage of real messages, because there's no money in it for the vandal. Nearly every protocol on the Internet is subject to horrific vandalism in the form of DOS attacks. Why worry more about it here? -- Nathaniel

I have been in somewhat the same camp, but I think the argument here is that it's much easier to judge whether a given canonicalization or feature permits a semantic change in the message contents than it is to judge what can be exploited to make money for vandals. It's a higher but better defined bar.

-Jim


<Prev in Thread] Current Thread [Next in Thread>