[ietf-dkim] Issues 1525/1426 (was Re: Restriction to posting
by first Author breaks email semantics)
hsantos at santronics.com
Sat Dec 22 13:05:57 PST 2007
Dave Crocker wrote:
> Eliot Lear wrote:
>> On the other hand, one could argue that this could be used as a form of
>> attack - that I Mr. Spammer insert a From line, a Sender line AND a
>> signature, with my main objective being to get mail in as some OTHER
>>> From (like a bank or Ebay), knowing that a particular UI is only going
>> to represent (first|last) From.
> This presumes that user interface issues are relevant to SSP.
> They aren't. Or, rather, they shouldn't be.
> Or rather, if they are, we need to see the empirical basis
> for making these choices.
> We aren't in a position to make security-related design decisions
> for user interfaces.
We should only make sure we are consistent with the framework and/or
make sure there is isn't a dependency or create new ones that relies on
things that may be unfeasible to mandate.
Hector Santos, CTO
More information about the ietf-dkim