RE: Replay attacks and ISP business models

[mailto:owner-ietf-mailsig(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of 
Douglas Otis

If replay does become a problem, then what is the response?  
Should large domains then issue user-keys to everyone?


There is actually little difference in per-user keys and signing the
sender field.

Per user keys only make a difference if they are individually
controlled.

 The value of this acceptance is reduced when a signature 
must also be checked against a third-party clearing house to 
decide whether this represents a message being abusively replayed.


Are you arguing that the third party clearing house protocol is
absolutely essential for DKIM to have any value at all?

<Prev in Thread]	Current Thread	[Next in Thread>
RE: Replay attacks and ISP business models, Hallam-Baker, Phillip RE: Replay attacks and ISP business models, John R Levine Re: Replay attacks and ISP business models, Douglas Otis RE: Replay attacks and ISP business models, Hallam-Baker, Phillip RE: Replay attacks and ISP business models, John R Levine RE: Replay attacks and ISP business models, Hallam-Baker, Phillip Re: Replay attacks and ISP business models, wayne RE: Replay attacks and ISP business models, Hallam-Baker, Phillip <=

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	RE: Replay attacks and ISP business models, Hallam-Baker, Phillip
Next by Date:	Re: Replay attacks and ISP business models, Michael Thomas
Previous by Thread:	Re: Replay attacks and ISP business models, wayne
Next by Thread:	[ietf-dkim] RE: MASS/DKIM BOF Summary, Hallam-Baker, Phillip
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

RE: Replay attacks and ISP business models, Hallam-Baker, Phillip

Next by Date:

Re: Replay attacks and ISP business models, Michael Thomas

Previous by Thread:

Re: Replay attacks and ISP business models, wayne

Next by Thread:

[ietf-dkim] RE: MASS/DKIM BOF Summary, Hallam-Baker, Phillip

Indexes:

[Date] [Thread] [Top] [All Lists]