Additional lookups (was Re: [ietf-dkim] Re: 1368 straw-poll)
Steve Atkins
steve at blighty.com
Thu Mar 1 08:44:03 PST 2007
On Mar 1, 2007, at 5:44 AM, Wietse Venema wrote:
> Charles Lindsey:
>> On Wed, 28 Feb 2007 13:21:55 -0000, Hector Santos
>> <hsantos at santronics.com>
>> wrote:
>>>
>>> There are three basic outcomes with a message:
>>>
>>> VALID SIGNATURE
>>> INVALID SIGNATURE
>>> NO SIGNATURE
>>
>> No, there are four basic outcomes with a message. You omitted
>>
>> UNVERIFIABLE SIGNATURE
>>
>> which just happens to be the one that this thread is all about.
>
> On a friendly internet with only cooperating parties, this might
> make sense. But the world has changed. With today's internet it
> would be a fundamental mistake to make more distinctions than:
>
> the signature was verified
> other
>
> If the verifier gives different treatments to different types of
> "other", then the bad guys will exploit the verifier's behavior.
>
> The solution to the problem is not to complicate the protocol, but
> to avoid the mistake of giving different treatments to different
> types of "other".
+1.
Cheers,
Steve