[ietf-dkim] DKIM SSP: Security vulnerability when SSP
record does not exist?
SM
sm at resistor.net
Thu Aug 18 09:33:17 PDT 2005
At 08:59 18-08-2005, Jim Fenton wrote:
>because it makes things simpler for mailing lists (why check SSP at
>every step?) and because it puts the decision in the hands of the
>recipient's verifier because it's really the recipient we're serving.
Whatever we put in the SSP, it comes down to the receiver's end
making the final decision. DKIM cannot stop people from "using our domain".
Regards,
-sm
More information about the ietf-dkim
mailing list