[ietf-dkim] Review of draft-fenton-dkim-threats-01
ekr at networkresonance.com
Sat Oct 29 11:57:29 PDT 2005
Michael Thomas <mike at mtcc.com> writes:
> Eric Rescorla wrote:
>> Dave Crocker <dhc at dcrocker.net> wrote:
>>>>What I would have expected in a threat analysis of this type is that
>>>>one would start with a relatively broad view of the type of system
>>>>one was considering developing ("server-based message-based signatures
>>>>to prevent mail forgery") and then describe potential attacks on
>>>>such systems and the types of countermeasures that can be used to
>>>>protect against them.
>>>We seem to be suffering from trying to hit a moving target.
>> Hmm... Maybe, but I think my comments are in line with comments
>> I've made previously. It's possible that my comments don't
>> agree with Russ's, of course.
> That's seems to be the genesis. Hence my comments to the ietf list
> a couple of months ago. What would you have us do since this seems
> to be a meta argument between you and our AD?
A meta-argument? Are you saying that you think that Russ would like
you NOT to do the analysis I suggested? I'd be quite surprised to hear
It's certainly possible that he would be satisfied if you don't do
so, but I don't so how that implies that I shouldn't want to see
such analysis done.
More information about the ietf-dkim