On Mon 07/Aug/2023 23:52:02 +0000 Scott Kitterman wrote:
On Monday, August 7, 2023 7:47:47 PM EDT Murray S. Kucherawy wrote:

I think the document does describe the attack.  An instance of the attack
is when a replayed message lands someplace it wasn't originally intended to
land, assuming normal usage.


That's ambiguous. Obviously, since the attack was planned, it may well be that the potential victims were originally intended. The meaning is tweaked by the "normal usage" assumption, which could be interpreted as trying to pretend that the message author wasn't aware that the message was going to be replayed...?


But my point above is simpler: "Replay Attack", when capitalized that way,
has me going to look for a formal definition of that term someplace.  That
is, if we're going to use it that way, we should define it that way.  So,
just add it to the Glossary at least, or say in Section 1.1 that this term,
in this document, means the attack described by that section.  Or something.


Would it be enough to say "Replay Attacks are described in Section 8.6 of DKIM", somewhere in Section 1.1 of the I-D?


I see your point.  Thanks,

It will be interesting to see what develops.  It's not a mystery that I'm
skeptical of a protocol solution to the issue.


The definition cannot include a method to recognize the attack. The I-D implies that attacks are being recognized (became commonplace), but omits the anecdotical narration of how it happens.


Best
Ale
_______________________________________________
Ietf-dkim mailing list
Ietf-dkim@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-dkim
