On 10/12/2010 11:21 AM, Murray S. Kucherawy wrote: >> -1; I like the wording that's there. > Concur; -1 on the change. I furthermore submit that we are compelled to > describe the known "attack", as that's precisely what we are supposed to > include in Security Considerations.
We should keep in mind that DKIM's job is to deliver a validated domain name. I believe none of the "attacks" that have been discussed have anything to do with that task. Instead, they pertain to other forms of attack on perceived message content validity, which is entirely outside of DKIM's scope. Seriously. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html