[Fwd: EKR-3- Re: [ietf-dkim] Review of draft-ietf-dkim-base-00 (1)]
Dave Crocker
dhc at dcrocker.net
Mon Mar 20 08:46:09 PST 2006
(this is the last of the re-postings. /d)
-------- Original Message --------
Subject: Re: [ietf-dkim] Review of draft-ietf-dkim-base-00 (1)
Date: Mon, 20 Mar 2006 07:37:02 -0800
From: Eric Rescorla <ekr at rtfm.com>
Reply-To: EKR <ekr at rtfm.com>
To: dcrocker at bbiw.net
CC: DKIM IETF WG <ietf-dkim at mipassoc.org>
References: <20060319174949.52D5AB87A at delta.rtfm.com>
<441E240F.8020601 at dcrocker.net> <86u09tqlny.fsf at delta.rtfm.com>
<441EBDBE.9070502 at dcrocker.net> <868xr5p2y5.fsf at delta.rtfm.com>
<441EC763.5030000 at dcrocker.net>
Dave Crocker <dhc at dcrocker.net> writes:
>> Well, it certainly is so much easier to write security protocols
>> if you don't require them to be actually, you know, secure.
>
> Oh. So you see a technical flaw in DKIM?
>
> Please cite it. Please indicate what solutions will resolve it.
>
> Failing that, please explain what you mean.
I thought I was clear in the original message. There are well-known
attacks on DKIM when it is used in the absence of DNSSEC. There's
no secret here--it's explained clearly in both documents. Whether it's
a "flaw" or not is a matter of opinion, of course.
>>> Not too happy about having the word disingenuous applied to the
>>> analysis you posted?
>> No, just bored.
>
> Have you ever noticed how someone making that statement, at the end of
> an energetic exchange that they have not won, mostly never means it?
>
> I wonder if that qualifies as disingenuous?
Whatever.
-Ekr
--
Dave Crocker
Brandenburg InternetWorking
<http://bbiw.net>
More information about the ietf-dkim
mailing list