On 3/22/2023 11:22 AM, Murray S. Kucherawy wrote:
Do you believe knowing the answer to this question would allow us to amend the problem statement to something that might allow a protocol solution?
That sounds reasonable. However it might actually represent scope-creep for a Problem Statement document.
I'd expect a PS doc to be required to describe... the problem. The problem is what we understand of what is happening. At it's core, that's one paragraph of text.
It's possible to turn this into a large research problem, in order to discern all of the fine-grained details and corner-cases. That seems an IRTF task, not a WG task. For a WG, it seems best to have pretty much what we already have -- Wei is working on a revision -- which provides a working definition of a DKIM Replay Attack.
More in aid of recruiting participation than to satisfy an actual requirement, it might help to have some general discussion of operational issues, and broad strokes of current thinking about solutions. But again, that's for extra credit.
It would, after all, be nice to move from PS discussions to, you know, talk about remedy and maybe prevention paths.
d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net mast:@dcrocker@mastodon.social _______________________________________________ Ietf-dkim mailing list Ietf-dkim@ietf.org https://www.ietf.org/mailman/listinfo/ietf-dkim
