Re: [Ietf-dkim] DKIM Replay Problem Statement and Scenarios -01 draft posted

Scott Kitterman Thu, 16 Feb 2023 10:45:05 -0800


On February 16, 2023 6:10:39 PM UTC, Evan Burke 
<evan.burke=40mailchimp....@dmarc.ietf.org> wrote:
>On Thu, Feb 16, 2023 at 7:30 AM Murray S. Kucherawy <superu...@gmail.com>
>wrote:
>
>>
>> If my prior formulation is right, i.e., that the attack only takes a few
>> seconds to complete, what "x=" value are we proposing that will work here
>> without also bringing undesirable side effects?
>>
>>
>The biggest current problem with replay is that it happens in bulk, at
>substantial scale. x= is effective against that because it takes time to
>send millions of messages.  Is it perfect? No. But it's not difficult to
>choose between 10,000 replays using my domain vs. millions.

Okay.  What's the value for X - T that prevents this problem, but doesn't cause 
DKIM signatures of "normal" mail to fail?

Scott K

_______________________________________________
Ietf-dkim mailing list
Ietf-dkim@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-dkim

Re: [Ietf-dkim] DKIM Replay Problem Statement and Scenarios -01 draft posted

Reply via email to