On 4/13/15 5:55 PM, Murray S. Kucherawy wrote:
> On Apr 13, 2015 2:22 PM, "Rolf E. Sonneveld"
>> But, if this 'registration' does not apply to the 'mandatory tag draft',
>> that means that every sender will always add the weak signature +
>> 'fs=<initial domain>' and a replay attack is reduced to breaking the weak
>> signature?
>
> You can't reuse the weak signature without a proper signature from the fs
> domain on the same message. I imagine short expiration times mitigate that
> risk.

Dear Murray,

We are currently dealing with Botnets leveraging DMARC to obtain acceptance or abuse detected weaknesses as previously mentioned. Botnets are extremely proficient at deploying new attacks to leverage detected vulnerabilities. In this case, this scheme itself represents its own vulnerability.

Regards,
Douglas Otis

_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
