Replay is an issue in the application of DKIM to real world problems. Clearly there must be an answer to the replay issue, but it does not follow that this must be developed in MASS.
The replay issue only really affects Web Mail hosts, there may be something of an effect for some ISPs but I doubt it. In either case controls to prevent bulk enrollment are likely to provide a sufficient first line of defense. > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Douglas Otis > Sent: Monday, September 12, 2005 2:25 PM > To: Jim Fenton > Cc: IETF-DKIM; IETF MASS > Subject: [ietf-dkim] Re: MASS/DKIM interim minutes posted > > > > On Sep 9, 2005, at 8:44 AM, Jim Fenton wrote: > > > Presentation slides and interim minutes from the MASS (DKIM) BoF at > > IETF 63 in Paris have been posted to the IETF website: > > > > https://datatracker.ietf.org/public/proceeding_interim.cgi? > > meeting_num=63 > > > > (search for "MASS") > > > (Doug Otis): Replay abuse is a problem; don't consider the spec as > written as sufficient. {Exclusion of reputation from the > charter is a > problem; it needs more visibility.} > > I do not recall my exact words, I am sure this was not what I said. > "The impact upon the domain's reputation has not received sufficient > consideration either." I have attempted to expand upon that issue > within the mass-reputation draft. This is _not_ related to > establishing reputation or accreditation services, as seemingly > understood. I have steadfastly said these services are a separate > issue, while protecting one's reputation is not. > > -Doug > > > > _______________________________________________ > ietf-dkim mailing list > http://dkim.org > > _______________________________________________ ietf-dkim mailing list http://dkim.org
