On Jul 27, 2005, at 5:46 PM, Dave Crocker wrote:
2) Also, the sentence "Secondly, the types of DNS attacks
relevant to
DKIM are very costly and are far less rewarding than DNS attacks on
other Internet applications." from 9.4 is very generalized. What
are
these attacks against the DNS for the sake of compromising DKIM?
Andrew;
meta-question: what is the purpose of the security considerations
section?
tutorial about broad topics in security? fair warning about
limitations of the
current specification? guidelines for safe operation? other
concerns?
each of these warrants different kinds and extent of
documentation. unless we
are clear about the goals of the section, it could easily turn too
much into a
generic tutorial.
I agree that it should not turn into a generic tutorial. But the
sentence above seems to indicate that people should be less worried
about attacks on DNS because of DKIM than attacks on DNS for other
reasons. If this is so, then why?
-andy