[ietf-dkim] SSP = FAILURE DETECTION
Wietse Venema
wietse at porcupine.org
Sat Sep 9 11:10:39 PDT 2006
Scott Kitterman:
> > Blindly believing DKIM-SSP gives a false sense of security, and
> > provides criminals with even more convincing ways to rob people.
> > I really recommend that you read my entire email message.
> >
> If you had said that Blindly believing [positive indications from]
> DKIM-SSP ... then I would agree 100%. I do not think that SSP can help
> assert anything about the goodness of a message. I think it's only utility
> is in finding some that are definitely bad.
Criminals switch strategy, and use look-alike domains to make their
mail look even more authentic than it does today.
If this is how SSP stops phishing mail, we have achieved nothing.
Wietse
More information about the ietf-dkim
mailing list