Re: [ietf-dkim] DKIM Threat Assessment v0.02 (very rough draft)

2005-08-11 Thread Andrew Newton
Dave, My comments are in-line: On Aug 1, 2005, at 6:13 AM, Dave Crocker wrote: By way of seeding discussion, here is a feeble attempt (ie, my own) at creating a draft response. Don't sell yourself short. I don't think I could do any better, and by the looks of it most people on this mail

Re: [ietf-dkim] DKIM Threat Assessment v0.02 (very rough draft)

2005-08-11 Thread Andrew Newton
On Aug 11, 2005, at 6:54 PM, Ned Freed wrote: As I just stated on the IETF list, absent a clear statement of what this threat analysis is actually supposed to analyze, I for one have little interest in "trying". I view my time as better spent trying to get the relevant ADs and IAB members t

Re: [ietf-dkim] DKIM Threat Assessment v0.02 (very rough draft)

2005-08-11 Thread Andrew Newton
Hector, On Aug 11, 2005, at 7:45 PM, Hector Santos wrote: Well, Andrew, at least for me, I would really like to be part of this effort, but I can't help but feel it is becoming a waste of time. I'm sorry that you feel this way. And I'm sure there is not much I can say to make things bett

Re: [ietf-dkim] DKIM Threat Assessment v0.02 (very rough draft)

2005-08-12 Thread Andrew Newton
Hector, I believe all of these are threats against DKIM and could possibly help to flesh out the security considerations section. My comments are in-line: On Aug 12, 2005, at 8:15 AM, Hector Santos wrote: Threats: - Adversary gains unauthorized access to domain private key - Internal

Re: [ietf-dkim] over-the-wire (in)compatibility between pre-IETF DKIM and (eventual) IETF DKIM

2005-10-21 Thread Andrew Newton
On Oct 15, 2005, at 5:32 PM, Dave Crocker wrote: newest Draft Charter: the DKIM working group will make every reasonable attempt to keep changes compatible with what is deployed, making incompatible changes only when they are necessary for the success of the specifications. versus St

Re: [ietf-dkim] over-the-wire (in)compatibility between pre-IETF DKIM and (eventual) IETF DKIM

2005-10-21 Thread Andrew Newton
On Oct 21, 2005, at 3:51 PM, Dave Crocker wrote: On the other hand, doing more work takes more time. More time means more delay getting more adoption. If you are characterizing any change as more work, then you are arguing for a rubber stamp. In fact I have been getting a sense of some

Re: [ietf-dkim] over-the-wire (in)compatibility between pre-IETF DKIM and (eventual) IETF DKIM

2005-10-22 Thread Andrew Newton
Stephen, I'm sorry for contributing more heat than light to this conversation. And to answer Dave's question: I was not calling DKIM a kludge. I rather like the spec. I was merely attempting to state a preference against instituting a kludge for the sake of backwards compatibility. Again

Re: [ietf-dkim] Review of draft-fenton-dkim-threats-01

2005-11-01 Thread Andrew Newton
On Nov 1, 2005, at 2:27 PM, Arvel Hathcock wrote: Right, but the important question is whether the benefit of reducing exact domain spoofing is of much value. The value of reducing domain spoofing is presuppositional and entirely self-evident. To continually question whether there is va

Re: [ietf-dkim] Review of draft-fenton-dkim-threats-01

2005-11-01 Thread Andrew Newton
On Nov 1, 2005, at 2:19 PM, Eric Rescorla wrote: Really?? If I see a message which is DKIM signed by iecc.com and iecc.com is on my "DKIM white-list" this is pretty useful info right? I can probably get away with relaxing or even skipping heuristic spam filtering on that email with a fair degre

Re: [ietf-dkim] Review of draft-fenton-dkim-threats-01

2005-11-01 Thread Andrew Newton
On Nov 1, 2005, at 7:32 PM, Scott Kitterman wrote: There are certainly those who hold that view. If all you are worried about is general spam, then that's probably a pretty reasonable view. And I think it is reasonable for some to believe DKIM is about combatting spam given the context of

Re: [ietf-dkim] Re: DKIM proposed loop-closing

2005-11-03 Thread Andrew Newton
I have to admit that I'm not enamored with the new charter text and agree with the opinions about this type of work being done in a separate BCP. On Nov 3, 2005, at 1:40 PM, Michael Thomas wrote: Your job here is to get this wg formed and nothing more at this time. I think that is exactly

Re: [ietf-dkim] DKIM DNS record types

2005-11-15 Thread Andrew Newton
On Nov 15, 2005, at 1:21 PM, Mark Delany wrote: On Tue, Nov 15, 2005 at 12:05:15PM -0600, wayne allegedly wrote: In <[EMAIL PROTECTED]> Michael Thomas <[EMAIL PROTECTED]> writes: wayne wrote: Why the three months between the SSP I-D and the DNS resource record? Can't we just use a TXT RR

Re: [ietf-dkim] DKIM DNS record types

2005-11-15 Thread Andrew Newton
On Nov 15, 2005, at 2:10 PM, wayne wrote: I think that anything that looks or acts differently than the TXT record is going to cause confusion. If it looks like a TXT and quacks like a TXT, why not just use TXT? If the output of a "host -t TXT snake._domainkey.yahoo.com" looks different than

Re: [ietf-dkim] domainkeys for other protocolls/applications

2005-12-09 Thread Andrew Newton
On Dec 7, 2005, at 1:40 PM, Hallam-Baker, Phillip wrote: I agree with Steve, we need separate selectors for each protocol policy and the process for defining them has to be workable. I agree with this, as well. -andy

Re: [ietf-dkim] Re: WG Review: Domain Keys Identified Mail (dkim)

2005-12-21 Thread Andrew Newton
On Dec 21, 2005, at 9:39 PM, Arvel Hathcock wrote: Although I also agree with Jim (and others) that the XMPP text is just about the same as our existing text, watching these events unfold has drawn into question my understanding of the rules so I need some clarification (sorry, I'm a newb

Re: [ietf-dkim] Timeframes & status for external consumption

2005-12-22 Thread Andrew Newton
On Dec 22, 2005, at 7:59 PM, J.D. Falk wrote: DKIM won't be deployed widely enough to be useful to senders until about a year after the IETF finishes with it. That's a pretty interesting statement considering this argument is about backwards compatibility with the "wide deployment" of a specificatio

Re: [ietf-dkim] [Fwd: I-D ACTION:draft-fenton-dkim-threats-02.txt]

2006-01-06 Thread Andrew Newton
On Jan 6, 2006, at 5:40 AM, Eliot Lear wrote: Oddly I think we are agreeing, so perhaps we're both going in the wrong way ;-) I thought the point was to bound DKIM's capability. On the other hand, one could imagine a strict requirement for domain assignment in some TLDs (perhaps this is already th

Re: [ietf-dkim] [Fwd: I-D ACTION:draft-fenton-dkim-threats-02.txt]

2006-01-06 Thread Andrew Newton
On Jan 6, 2006, at 9:28 AM, Eliot Lear wrote: Andrew Newton wrote: DKIM's ability to identify a domain owner is [also] bounded by whatever checks a registration authority imposes. could be read to mean some domain registration rules can be counted upon for this purpose. Practi

Re: [ietf-dkim] New Issue: TLD key publication and signing

2006-02-20 Thread Andrew Newton
On Feb 20, 2006, at 4:25 PM, Hallam-Baker, Phillip wrote: [mailto:[EMAIL PROTECTED] On Behalf Of Mark Delany Presumably a malicious TLD operator can also change what name servers answer for your domain in which case they can completely assume your identity as far as DKIM is concerned. Whil

Re: [ietf-dkim] Re: New Issue: TLD key publication and signing

2006-02-21 Thread Andrew Newton
On Feb 21, 2006, at 10:22 AM, Michael Thomas wrote: It should be noted that the only thing this affects is SSP. A delegation cannot be overridden for selectors with the exception of gross manipulation of NS records which is not a dkim specific threat. I guess I don't understand your point. If the del