[ietf-dkim] DKIM Threat Assessment v0.02 (very rough draft)
Jim Fenton
fenton at cisco.com
Wed Aug 17 14:05:31 PDT 2005
[catching up on mail from while I was away]
domainkeys-feedbackbase02 at yahoo.com wrote:
>But whatever. Regardless of how one might interpret the webmail interface, the
>point I'm trying to make clear is that, as a verifier, and from a specification
>perspective, Yahoo is *not* interested in, and doesn't care about, localpart.
>Obviously other may be, and good for them, but Yahoo is not.
>
>
In a previous message you wrote:
>The g= is an admittedly crude attempt to constrain the use of delegated keys
>and is not intended to be of particular interest to a verifier above and beyond
>ensuring the constraint is complied with as part of the verification rules.
>
>
Don't you need to look at the localpart to determine whether the g=
constraint was complied with? If the answer is "yes, to determine if
they match, but I'm not going to do anything else with localpart" than
we're in agreement.
-Jim
More information about the ietf-dkim
mailing list