[ietf-dkim] over-the-wire (in)compatibility between pre-IETF DKIM and (eventual) IETF DKIM
Earl Hood
earl at earlhood.com
Wed Oct 19 14:19:33 PDT 2005
On October 18, 2005 at 18:53, "Arvel Hathcock" wrote:
> > This behavior raises a security problem since such
> > senders will go with policies that lean towards
> > delivery versus potential security threats.
>
> If I'm understanding you rightly you are arguing against the o=~ or
> "relaxed" policy provisions in SSP right?
No. Just trying to understand how senders operate, and how their
policies can affect the effectiveness of DKIM in general and the
security implication of senders' behaviors to DKIM. Adequate security
analysis cannot be done without understanding how users operate.

I do think signers need to be made aware of the risks of using
relaxed policies.

During transition, relaxed policies will definitely be needed, but
if DKIM becomes the norm, relaxed policies will hopefully go away.

--ewh