[ietf-dkim] The key record upgrade attack
Douglas Otis
dotis at mail-abuse.org
Fri Aug 4 09:29:08 PDT 2006
On Aug 4, 2006, at 9:23 AM, Paul Hoffman wrote:
> At 8:38 AM -0700 8/4/06, Douglas Otis wrote:
>> During a transition, it would be important to communicate what
>> will be offered and what has been deprecated. Then these options
>> MUST be available or the related signatures MUST be ignored.
>
> The SSP document *cannot* change the way implementers of the -base
> document process signatures. "MUST be ignored" changes the logic of
> -base.
Interesting catch. This point was raised however during base, but
ignored.
-Doug
More information about the ietf-dkim
mailing list