[ietf-dkim] OT o=. (was: New Issue: 4.2 needs new Attack
Item:Inconsistent Signature vs Policy Attacks)
Jim Fenton (fenton)
fenton at cisco.com
Tue Jan 31 08:52:10 PST 2006
Oops. You're right. I was probably confusing this with WEAK.
-Jim
-----Original Message-----
From: Frank Ellermann [mailto:nobody at xyzzy.claranet.de]
Sent: Tue Jan 31 08:46:52 2006
To: ietf-dkim at mipassoc.org
Subject: [ietf-dkim] OT o=. (was: New Issue: 4.2 needs new Attack Item:Inconsistent Signature vs Policy Attacks)
Jim Fenton wrote:
>> Example loopholes:
>> 1) A message is signed, but the SSP indicated a "o=." (No
>> mail expected from domain).
> There has been a lot of discussion of "o=." but it's not
> actually in the current version of the SSP draft.
Did you confuse this with WEAK ? Or do you have a fresher copy
of the draft ? My copy draft-allman-dkim-ssp-01 still has o=.
on <http://tools.ietf.org/html/draft-allman-dkim-ssp-01#page-9>
Bye, Frank
_______________________________________________
ietf-dkim mailing list
http://dkim.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mipassoc.org/pipermail/ietf-dkim/attachments/20060131/c613f9f3/attachment.html
More information about the ietf-dkim
mailing list