On Tuesday, June 10, 2014 5:00 PM, Murray S. Kucherawy <[email protected]> wrote:
>> DKIM-Delegate suffers from replay attacks, and when not, > DKIM is already replayable. i'm not talking about DKIM, i'm talking about DKIM-D. i'm still waiting for u to address the spoofing hole u left wide open with this approach. no, i won't accept "short-lived" as a solution, cause that's easy to circumvent. >> introduces whitelisting which, kind of, breaks its premise. > I don't see how this introduces whitelisting requirements. === section 3, DKIM-Delegate [...] it asserts an ephemeral relationship between an original message signing domain and a later intermediary (Mediator). === this is, ESSENTIALLY, a whitelisting approach. and we have much better whitelisting solutions already. -- Vlatko Salaj aka goodone http://goodone.tk _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
