Oops. You're right. I was probably confusing this with WEAK.
-Jim
-----Original Message-----
From: Frank Ellermann [mailto:[EMAIL PROTECTED]]
Sent: Tue Jan 31 08:46:52 2006
To: [email protected]
Subject: [ietf-dkim] OT o=. (was: New Issue: 4.2 needs new Attack Item:Inconsistent Signature vs Policy Attacks)
Jim Fenton wrote:
>> Example loopholes:
>> 1) A message is signed, but the SSP indicated a "o=." (No
>> mail expected from domain).
> There has been a lot of discussion of "o=." but it's not
> actually in the current version of the SSP draft.
Did you confuse this with WEAK ? Or do you have a fresher copy
of the draft ? My copy draft-allman-dkim-ssp-01 still has o=.
on <http://tools.ietf.org/html/draft-allman-dkim-ssp-01#page-9>
Bye, Frank
_______________________________________________
ietf-dkim mailing list
http://dkim.org
_______________________________________________ ietf-dkim mailing list http://dkim.org
