[ietf-dkim] Not exactly not a threat analysis
John R Levine
johnl at iecc.com
Tue Aug 23 10:24:35 PDT 2005
> > Right. The context is who signed it.
> That's not sufficient unless signers who (re)transmit messages are
> clearly distinguishable from signers who author content.
You keep saying that, I keep pointing out that you're wrong. I guess
> That's a bit like saying that drivers in some states are better than
> drivers in other states, so states should discourage bad drivers by
> blocking off their borders with states with bad driving reputations.
Right. It works really well for e-mail, because domains are not states
and mail messages are not drivers. But as a former resident of
Massachusetts, with some of the worst drivers in the country, I have to
say it wouldn't be all that bad an idea for drivers, either.
More information about the ietf-dkim