[ietf-dkim] Why only exact domains matter
Arvel Hathcock
arvel.hathcock at altn.com
Wed Apr 30 19:12:22 PDT 2008
>> So, are you saying that because we don't provide protection against
>> "cousin domains" we should drop our effort to provide protection
>> against mis-use of "exact domains?"
>
> Where you say "exact domain" I presume you mean "subdomain", but I'd
> flip it around to make it clearer.
I'm saying that an attackers use of "i-look-like-domain.com" does not
diminish or defeat the level of protection which ADSP provides to
"domain.com". In fact, ADSP will push _all_ attackers to move to
"i-look-like-domain.com." I view this as a good thing, others don't and
I'm struggling to understand why.
Arvel
More information about the ietf-dkim
mailing list