On Wed 16/Nov/2016 21:12:45 +0100 Murray S. Kucherawy wrote:
On Thu, Nov 17, 2016 at 3:47 AM, Alessandro Vesely wrote:
That way it will stay dormant until someone gets hurt and has to activate
it, at which time it may cause more damage than improvement. A loose
cannon.
The document makes th
Am 2016-11-16 21:00, schrieb Murray S. Kucherawy:
On Wed, Nov 16, 2016 at 11:50 PM, Michael Storz
wrote:
Ok, I see you have removed the hashing of the recipient together
with the email itself. But how do you prevent a replay attack, if
the new tag is not bound to the email and signed with the
On Thu, Nov 17, 2016 at 7:28 PM, Alessandro Vesely wrote:
>
> Yes.
>>
>
> Well, if its title were *Incompatibility with Current Infrastructure*, I
> would agree there is a statement on the risk of disrupting how DKIM works.
>
That section talks about some things that are compatible (ignored tags
On 11/16/2016 1:09 PM, Terry Zink wrote:
This means ARC will be needed not only for mailing lists which modify the
header or
body of an email, but for EVERY mailing list and EVERY forwarded email or
EVERYTIME
the recipient has been modified and the email leaves the ADMD boundary. From a
DMARC p
> -Original Message-
> From: dmarc [mailto:dmarc-boun...@ietf.org] On Behalf Of Hector Santos
> Sent: Thursday, November 17, 2016 9:30 AM
> To: dm...@ietf.org; Ietf Dkim
> Subject: Re: [dmarc-ietf] [ietf-dkim] a slightly less kludge alternative to
> draft-
> kucherawy-dmarc-rcpts
>
> On
Hi, Murray,
On 16-11-16 02:45, Murray S. Kucherawy wrote:
There's been a lot of great feedback here. I just cranked out an
update based on the discussion so far:
https://www.ietf.org/rfcdiff?url2=draft-kucherawy-dkim-rcpts-01
I forgot to update the title of Section 3, but other than that I t
On Fri, Nov 18, 2016 at 1:11 AM, Rolf E. Sonneveld <
r.e.sonnev...@sonnection.nl> wrote:
> Hi, Murray,
>
> On 16-11-16 02:45, Murray S. Kucherawy wrote:
>
>> There's been a lot of great feedback here. I just cranked out an update
>> based on the discussion so far:
>>
>> https://www.ietf.org/rfcdi
On Thu, Nov 17, 2016 at 9:51 PM, Michael Storz wrote:
>
> Thanks, I see. That means the recipient is bound to the message and an
> attacker cannot delete or change the new tags. Great solution, I like it,
> though I do not like the consequences when this extension will go into
> production.
>
>
Y
What Murray says makes sense. I don’t see the value of going forward with this
approach given the negative impacts involved.
Mike
From: ietf-dkim [mailto:ietf-dkim-boun...@mipassoc.org] On Behalf Of Murray S.
Kucherawy
Sent: Thursday, November 17, 2016 3:57 PM
To: Michael Storz
Cc: Ietf Dkim
Su
On November 17, 2016 2:57:00 PM CST, "Murray S. Kucherawy"
wrote:
>On Thu, Nov 17, 2016 at 9:51 PM, Michael Storz
>wrote:
>
>>
>> Thanks, I see. That means the recipient is bound to the message and
>an
>> attacker cannot delete or change the new tags. Great solution, I like
>it,
>> though I do
On 11/17/2016 9:34 AM, MH Michael Hammer (5304) wrote:
For exclusive policies (SPF -ALL), you really don't need DKIM, DMARC or ARC
for that matter since the receiver (at least ours) will never accept the payload
anyway, i.e. it never gets to the SMTP "DATA"
state. SPF does not require you t
11 matches
Mail list logo