Scott Kitterman:
> On Saturday 09 September 2006 12:07, Dave Crocker wrote:
> > Wietse Venema wrote:
> > > Here is an example why first-party signatures can be dangerous.
...
> The best way to help end-users avoid getting phished is to not accept phishing
> messages for delivery.  DKIM-SSP where strict policy statements are published
> offers a mechanism for this.  From my perspective, the utility of DKIM as it
> relates to end-users is, I agree, quite uncertain.

This is exactly the trap that I was describing in the mail cited above.

Blindly believing DKIM-SSP gives a false sense of security, and
provides criminals with even more convincing ways to rob people.
I really recommend that you read my entire email message.

> > Therefore, to the extent that anyone touts a DKIM-based mechanism as
> > defeating phishing, we run the risk of undermining all of DKIM's
> > credibility, by setting expectations far too high.
> >
> Agreed.  Is anyone doing this?

See my point above. We're already raising expectations too high,
by claiming that DKIM-SSP will block phishing mail. It will only
make phishing mail look more authentic.

        Wietse
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
