- Original Message -
From: "SM" <[EMAIL PROTECTED]>
To: "Stephen Farrell" <[EMAIL PROTECTED]>; "Jeff Macdonald"
> >And can't the threats document (& later, whatever relevant spec) not
> >just say "don't do that" and thus avoid the problem?
>
> The DKIM draft mentions:
>
>"Under no cir
Hi,
At 14:25 17-11-2005, Stephen Farrell wrote:
And can't the threats document (& later, whatever relevant spec) not
just say "don't do that" and thus avoid the problem?
The DKIM draft mentions:
"Under no circumstances should an unsigned header field be displayed
in any context that might
- Original Message -
From: "Douglas Otis" <[EMAIL PROTECTED]>
To: "Hector Santos" <[EMAIL PROTECTED]>
> On Nov 17, 2005, at 1:12 PM, Hector Santos wrote:
>
> > Doug,
> >
> > It will be helpful to be distinctive and to distinguish which
> > policies in
> > DKIM/SSP you are concern about:
Doug,
If the hash validates to the signing domain and first sender, why is it
nescessary that the two domains be the same?
thanks,
Bill
-Original Message-
From: [EMAIL PROTECTED] on behalf of Douglas Otis
Sent: Thu 11/17/2005 6:43 PM
To: Stephen Farrell
Cc: IETF-DKIM
Subject: Re: [ietf
On Nov 17, 2005, at 1:12 PM, Hector Santos wrote:
Doug,
It will be helpful to be distinctive and to distinguish which
policies in
DKIM/SSP you are concern about:
All but Never and None. : )
Please don't misunderstand, DKIM offers a tremendous advantage, but
reliance upon a domain being
Stephen,
> -Original Message-
> From: Stephen Farrell [mailto:[EMAIL PROTECTED]
> Sent: Thursday, November 17, 2005 2:36 AM
> To: Jim Schaad
> Cc: 'Barry Leiba'; 'IETF DKIM WG'
> Subject: Re: [ietf-dkim] DKIM Charter Comments
>
>
> Hi Jim,
>
> Jim Schaad wrote:
> > I have the followin
Dave,
> -Original Message-
> From: Dave Crocker [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, November 16, 2005 10:08 PM
> To: Jim Schaad
> Cc: 'IETF DKIM WG'
> Subject: Re: [ietf-dkim] DKIM Charter Comments
>
>
>
> > 4. It is not clear to me that you can separate the
> development of
I propose striking the entire paragraph.
And I propose ignoring that proposal. Can we move on now?
--
Arvel
___
ietf-dkim mailing list
http://dkim.org
On Nov 17, 2005, at 2:27 PM, Stephen Farrell wrote:
Doug - quick and simple question: does all of this depend
on there being >1 From address?
First-party policy mandates (the only mode restricting use and
somewhat protecting reputation) requires the _first_ email-address
correspond to the
I'll be really interested in which POLICY causes this low likelihood, low
impact problem?
-- Hector
- Original Message -
From: "Stephen Farrell" <[EMAIL PROTECTED]>
To: "Douglas Otis" <[EMAIL PROTECTED]>
Cc: "IETF-DKIM"
Sent: Thursday, November 17, 2005 5:27 PM
Subject: Re: [ietf-dkim]
Doug - quick and simple question: does all of this depend
on there being >1 From address?
Douglas Otis wrote:
DKIM should serve as an excellent mechanism for verifying the domain
accountable for the MTA to MTA exchange at the transport level.
However, once the email-address is bound in some
Jeff Macdonald wrote:
On Thu, 2005-11-17 at 22:02 +0100, Eliot Lear wrote:
Douglas Otis wrote:
From: <[EMAIL PROTECTED]>, Mustang Sally <[EMAIL PROTECTED]>
Introducing similar visual confusion for list-servers the following will
appear:
From: IETF-DKIM No-Reply <[EMAIL PROTECTED]>, Doug
On Thu, 2005-11-17 at 22:02 +0100, Eliot Lear wrote:
> Douglas Otis wrote:
> > From: <[EMAIL PROTECTED]>, Mustang Sally <[EMAIL PROTECTED]>
> >
> > Introducing similar visual confusion for list-servers the following will
> > appear:
> >
> > From: IETF-DKIM No-Reply <[EMAIL PROTECTED]>, Douglas O
On Nov 17, 2005, at 1:02 PM, Eliot Lear wrote:
Douglas Otis wrote:
From: <[EMAIL PROTECTED]>, Mustang Sally <[EMAIL PROTECTED]>
Introducing similar visual confusion for list-servers the
following will appear:
From: IETF-DKIM No-Reply <[EMAIL PROTECTED]>, Douglas
Otis <[EMAIL PROTECTED]>
Doug,
It will be helpful to be distinctive and to distinguish which policies in
DKIM/SSP you are concern about:
NONE (no policy declared)
o=? WEAK (signature optional, no third party)
o=~ NEUTRAL (signature optional, 3rd party allowed)
o=- STRONG (signature required, 3rd
Douglas Otis wrote:
From: <[EMAIL PROTECTED]>, Mustang Sally <[EMAIL PROTECTED]>
Introducing similar visual confusion for list-servers the following will
appear:
From: IETF-DKIM No-Reply <[EMAIL PROTECTED]>, Douglas Otis
<[EMAIL PROTECTED]>
Yes, this is valid 2822. I wonder what it brea
DKIM should serve as an excellent mechanism for verifying the domain
accountable for the MTA to MTA exchange at the transport level.
However, once the email-address is bound in some manner to the
transport, a set of significant problems arise.
In the current SSP draft:
2.9 Verifier Accept
wayne wrote:
>> The SSP part is short enough to be mirrored in SPF, either
>> inline as "modifier", or as its own record using the same
>> record type 99.
> I think this would be A Bad Idea because neither of the DKIM
> records have a required magic number at the beinning of the
> record.
Addin
Jim Fenton wrote:
> In some cases (2821-zoo) it appears you agree
Yes, in other words, if DKIM is all you have - either
as "signer" or as "checker" - it must still make sense.
> in others it appears that you are describing new threats
Not really, I just like your idea to sort the threats by
pro
Hi Jim,
Jim Schaad wrote:
I have the following comments on the draft charter:
1. The second paragraph has the sentence:
The DKIM working group will also produce security requirements to guide
their efforts, and will analyze the impact on senders and receivers who are
not using DKIM, particul
20 matches
Mail list logo