On 10/29/2012 10:48 AM, Tim Draegen wrote:
> Receivers should consider the strength of the underlying key before
> attaching a "Trust Indicator".
Indeed, /when trust indicators are being used/, it would seem
appropriate to insert a SHOULD or MUST on top of RFC6376's basic
statement that "Verifier policies may use the length of the signing key
as one metric for determining whether a signature is acceptable."
But that's not the point I wished to make in the "false positives"
thread. What about DNS cache poisoning (don't forget that SPF and DKIM
are ultimately relying on a UDP link in the chain!), what about replay
attacks, what about compromised systems, what about a whole list of
things in RFC4686 (thanks for pointing me to the reference, Franck; and
thanks Jim for the hard work) which are too numerous for me personally
to have even taken the time to read through all of them? The point is
this: people could be using 8192-bit RSA private keys ("in theory", you
know what I mean), and still, I would request vendors: please don't make
statements on my mom's email account that such and such message *_IS_*
from a trusted sender, because you'll make my reminders to her about
"personal responsibility on the internet" that much more difficult!
-Zach
_______________________________________________
dmarc-discuss mailing list
[email protected]
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note Well terms
(http://www.dmarc.org/note_well.html)
