[ietf-dkim] updated threat analysis outline
Tony Finch
dot at dotat.at
Wed Aug 24 15:39:23 PDT 2005
On Wed, 24 Aug 2005, Douglas Otis wrote:
> On Aug 24, 2005, at 7:11 AM, Tony Finch wrote:
> > On Tue, 23 Aug 2005, Douglas Otis wrote:
> > >
> > > This has been called a revocation-identifier in the past. It may be
> > > described as a type of domain-cookie, or opaque-identifier. It would
> > > permit a revocation mechanism and enable opportunistic identifications
> > > that could even detect cross-domain forgery without any mailbox-address
> > > constraints being applied.
> >
> > Could you expand on this last sentence? I missed any description of it you
> > may have posted already.
>
> http://www.ietf.org/internet-drafts/draft-otis-mass-reputation-01.txt
> See section 8. Abating the replay attack
I don't see where that talks about using the revocation ID to detect
forgery.
Tony.
--
f.a.n.finch <dot at dotat.at> http://dotat.at/
BISCAY: WEST 5 OR 6 BECOMING VARIABLE 3 OR 4. SHOWERS AT FIRST. MODERATE OR
GOOD.
More information about the ietf-dkim
mailing list