On Tue, Jun 10, 2014 at 12:23 AM, Vlatko Salaj <[email protected]> wrote:
> DKIM-Delegate suffers from replay attacks, and when not, > introduces whitelisting which, kind of, breaks its premise. > DKIM is already replayable. I don't see how this introduces whitelisting requirements. > also, we need a solution that doesn't risk of being modified > by any middle man on message path. DKIM can't offer that, > and will never be able to. > Yes, that is a risk. That's why a short-lived signature is used with other tight requirements. The risk might be a tolerable one for this application. -MSK
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
