[ietf-dkim] Are subdomains like parent domains?
Dave Crocker
dhc at dcrocker.net
Tue Apr 29 08:57:27 PDT 2008
Al Iverson wrote:
> My underlying point is that I need to understand more about how
> phishers, once locked out of use of bigbank.com due to DKIM+ADSP, can
> best be persuaded to avoid use of account.info.bigbank.com, or any
> other subdomain that they've thought of, that I haven't.

Al, I think you have phrased a very useful question. But I also think it
highlights a problem in how we've been pursuing things.

In all likelihood, we can assume that phishers will, in fact, try to use
sub-domains. I believe the real question is not the one you put forward but
rather:

    How will it benefit phishers to use arbitrary sub-domains?

How, exactly?

    1. What is the scenario on the receive side that will make this beneficial?

    2. What is the basis for believing that this scenario will, in fact, occur?

So the question is about receive-side, not send-side.

d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net