Sorry for the delay. Top level, I agree that this draft tightens up the details in a beneficial way, and the working group ought to work off the crocker version. I'm happy to also merge this version in my problem-statement draft also.
My interpretation of the changes, is that the crocker draft removes one of the redundant DKIM replay definitions found in the introduction. It also tightens up the language with respect to RFC5598 and reorders the glossary section. There's a new section "Replay technical characteristics" which is gives our current understanding of what a replayed message would look like. On Thu, Mar 9, 2023 at 7:20 AM Dave Crocker <d...@dcrocker.net> wrote: > On 3/9/2023 7:04 AM, Tim Wicinski wrote: > > it would be useful to the working group if the authors > could perhaps summarize the differences between them. > > As I noted, mine is a revision of Wei's. (And I have been among the > contributors to his, for some months.) If adopted, the author list needs to > reflect that, really, it's the work of that set of authors. > > My goal was to tighten the focus, as well as to reduce the tutorial > content. It still has a fair amount of foundational introduction, since > many people don't know all the terms or use them differentially. > > For a long time, I'd thought that references to SPF should be removed, > since this is about DKIM. As the text on detection of replay developed, > I've been swayed that limited reference to SPF can be helpful. But I > removed reference to DMARC, since I think it adds nothing to detection. > I'm good removing DMARC . Glad you kept the SPF description, and put in clarifications on why SPF is important in the context of DKIM replay. > The discussion of possible prevention/mitigation is isolated to the last, > brief section. Given that the document is likely to get wide distribution, > I think it might be helpful to have a small amount of discussion that > emphasizes that this topic will not be amenable to trivial solution. > Also glad that it was kept, as I agree, I think it's important for readers to understand broad outlines of some of the existing ideas and their issues. -Wei > d/ > > -- > Dave Crocker > Brandenburg InternetWorkingbbiw.netmast:@dcrocker@mastodon.social > > _______________________________________________ > Ietf-dkim mailing list > Ietf-dkim@ietf.org > https://www.ietf.org/mailman/listinfo/ietf-dkim >
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Ietf-dkim mailing list Ietf-dkim@ietf.org https://www.ietf.org/mailman/listinfo/ietf-dkim