[ietf-dkim] Deployment Scenario 7: Cryptographic Upgrade and
Downgrade Attacks
Paul Hoffman
paul.hoffman at domain-assurance.org
Sun Feb 25 13:23:40 PST 2007
At 10:53 AM -0800 2/25/07, Michael Thomas wrote:
>At this point, all we have is MUST implements. Considering there is
>no opportunity for negotiation with mail, MAY/SHOULD implement
>algorithms seems like a pretty bad idea altogether.
We have no prohibition on implementing additional algorithms, so it
is fine for someone to implement, for example, DSA signatures.
>So is this still a real
>problem for DKIM?
Yes, it still is, because we didn't say (and should not have said)
"MUST NOT implement any other signature algorithm".
--Paul Hoffman, Director
--Domain Assurance Council
More information about the ietf-dkim
mailing list