[ietf-dkim] Charter bashing...
Michael Thomas
mike at mtcc.com
Wed Oct 12 07:56:08 PDT 2005
Stephen Farrell wrote:
>> What people do consider necessary is a policy tag on a key record that
>> specifies something like 'this key can only sign email from
>> marketing at example.com' so that the bulk mailer hired to do a promo can't
>> then impersonate the CEO.
>
> It's still tricky though since it allows me to make bogus assertions.
>
> However, I do understand the application requirement, but do we have
> to meet that via creating key/(dis)allowed-domain bindings in a
> dkim protocol? Perhaps we do, but then the threat analysis has to
> go into a good bit of detail here since that assertion structure
> will be used as the basis of attacks.
Huh?
Mike