ietf-mailsig
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: The cost of choices

2005-07-27 22:36:24
from [Arvel Hathcock] [Permanent Link] 

I'm going to start a new thread on this topic.

--
Arvel
----- Original Message ----- From: "Earl Hood" <earl(_at_)earlhood(_dot_)com> 
To: <ietf-mailsig(_at_)imc(_dot_)org>
Sent: Thursday, July 28, 2005 12:02 AM
Subject: Re: The cost of choices




On July 27, 2005 at 22:13, "Arvel Hathcock" wrote:


> And to extend it further, the SSP should provide the ability to
> list which domains are allowed to do third-party signing.  Otherwise,
> if it is boolean switch, turning on the switch open you up to
> spoofing attacks.

Would there be enough room in 512 bytes to effectively do that?


One could not have a huge list, but something must be provided
or third-party signing support would be useless from a security
perspective.  It seems 512 bytes should be sufficient.

--ewh
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: SSP - when to perform, Arvel Hathcock
Next by Date:  SSP - specifying the third-parties, Arvel Hathcock
Previous by Thread:  Re: The cost of choices, Earl Hood
Next by Thread:  Re: The cost of choices, Jim Fenton
Indexes:  [Date] [Thread] [Top] [All Lists]