On July 27, 2005 at 15:23, Dave Crocker wrote:
However it does raise the issue of whether the security section should cover
details that are generic aspects of DNS security or whether it should be
restricted to issues that are solely related to DKIM or, at least, more likel
y
due to DKIM?
Anything that could comprise DKIM should be mentioned. Since some DNS
exploits are well-known, a detailed explanation of the attacks are not
needed, with references to more informative documents can be provided.
However, the impact of such attacks on DKIM should be mentioned,
and if it is believed that some attacks are considered low risk,
the logic and analysis behind these conclusions should be mentioned.
--ewh