On 10/14/2010 10:47 AM, Murray S. Kucherawy wrote: >> -----Original Message----- >> From: John R. Levine [mailto:jo...@iecc.com] >> Sent: Thursday, October 14, 2010 10:45 AM >> To: Murray S. Kucherawy >> Cc: DKIM List >> Subject: Re: [ietf-dkim] layer violations, was detecting header mutations >> after signing >> >>> I think if it becomes well-known that users of MUA 1 are easier to phish >>> than users of MUA 2, a lot of people will gravitate to the safer >>> implementation, don't you? I sure would. >> >> Aw, come on. How many millions of people still use Outlook Express on >> Windows XP? Switching MUAs is painful, people rarely do it. > > ...meaning MUA developers won't bother to do something about it once the > attack is plainly visible and they're used as examples, because since users > won't switch anyway, there's no motivation?
Not to mention the false dilemma that this needs to be handled in the MUA exclusively. It doesn't. Mike _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html