[ietf-dkim] draft-allman-dkim-{base,ssp}-01.txt

[Douglas Otis]

On Oct 25, 2005, at 1:47 AM, Stephen Farrell wrote:


>> http://www.sonic.net/~dougotis/id/draft-otis-dkim-threats-01.html
>> http://www.sonic.net/~dougotis/id/draft-otis-dkim-threats-01.txt
>
> I find it confusing and not entirely helpful that we now
> have two partially overlapping threat analyses. Can you
> try to excise the overlap so that your document only
> contains the delta? I (and I'm sure others) won't be able
> to properly consider your concerns if I can't see where
> the differences lie.
>
> Just to be clear though - our current charter specifies
> that we work on *one* threats document and that the starting
> point there is Jim's document.

Of course there should only be one document.  I found it easier to  
sweep through what stood out as desired changes by editing Jim's  
excellent document.  I was troubled by how the threat review did not  
treat the SSP mechanism separately.  As it is now,  extracting the  
SSP mechanism will create a number of changes to this review.  I also  
have concerns that the SSP mechanism may only be appropriate for a  
few special cases where these domain's policies should also be easier  
to obtain than allowed with the SSP mechanism.

DKIM can provide significant benefit without any policies being  
published, but instead by simply including binding information within  
the message and using an opportunistic strategy.  There is not going  
to be a flag day.

So far, I have only managed to provide the comparison documents.   
Explaining problems with SSP will take longer than the time I have  
today.  Saying it in fewer words is a challenge I am not well suited  
to handle. : )

Here is a link to a series of pdf files that provides a section by  
section breakdown of the changes.

http://www.sonic.net/~dougotis/dkim/

-Doug