[ietf-dkim] SSP Responsibility Delegation - Security Concerns
Michael Thomas
mike at mtcc.com
Sat Aug 19 16:11:00 PDT 2006
Hector Santos wrote:
>
>>So let's send this from mailinglist.com through their authorized
>>submission server:
>>
>>From: president at company.com
>>Sender: mailinglist.com
>>DKIM-signature: d=isp.com;
>>
>>
>
>
>First, the presumption here is that president at company.com has subscribed to
>some mailing list where he should now be very aware the door is wide open to
>exploitations.
>
>
Does anybody else agree with this statement? I'm fairly certain that my
president
(or even the Resident for that matter) is decidedly unaware, and I can't
imagine
a universe in which mine or any other would be aware of such a threat.
Since this
threat does not exist with the NS delegation method, my president could
remain
in unaware bliss which seems like as it should be.
Mike
More information about the ietf-dkim
mailing list