[ietf-dkim] Review of draft-fenton-dkim-threats-01
Dave Crocker
dhc at dcrocker.net
Sat Oct 29 08:28:26 PDT 2005
> What I would have expected in a threat analysis of this type is that
> one would start with a relatively broad view of the type of system
> one was considering developing ("server-based message-based signatures
> to prevent mail forgery") and then describe potential attacks on
> such systems and the types of countermeasures that can be used to
> protect against them.
Eric,
We seem to be suffering from trying to hit a moving target.
The task that Russ originally assigned was to describe the threats that DKIM
is designed to respond to. In other words, what problems are there --
without DKIM -- that the addition of DKIM would fix?
That is, of course, quite different from describing attacks on DKIM, which
seems to be what you have just described.
d/
More information about the ietf-dkim
mailing list