> -----Original Message-----
> From: [email protected] [mailto:[email protected]]
> On Behalf Of Dave CROCKER
> Sent: Wednesday, June 29, 2011 11:56 AM
> To: Pete Resnick
> Cc: DKIM
> Subject: Re: [ietf-dkim] Pete's review of 4871bis
>
> If I missed it, I apologize, but have you defined what you mean by "attack on
> DKIM"? And why is it important to distinguish which category an attack
> falls into?

I'll offer this up: Something is an "attack on DKIM" if it involves input that can cause DKIM to report a "pass" when it should report a "fail", or report "d=example.com" when it should've said "d=example.org". Since the general output of DKIM is pass/fail and a domain name plus some other optional signature stuff, I fail to see how double-From type attacks are attacks on DKIM. Rather, I think these things we're discussing are attacks on MUAs (or on ADSP implementations) that fail to do RFC5322 enforcement or fail to understand what DKIM is telling them.

_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
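
An added example, not part of the original message or of any DKIM implementation: a receiver-side RFC 5322 check of the kind the message says MUAs and ADSP implementations should perform, kept separate from DKIM's pass/fail and d= output. The function names, the report fields and the sample message are constructed for illustration; the h= counting assumes a signature covers only the header field instances its h= tag lists.

```python
from email import message_from_bytes
from email.policy import compat32

# RFC 5322 section 3.6: fields that may appear at most once per message.
SINGLETONS = {"from", "sender", "reply-to", "to", "cc", "bcc", "date",
              "message-id", "in-reply-to", "references", "subject"}

def singleton_violations(msg):
    """Return {field: count} for every singleton field that repeats."""
    counts = {}
    for name, _ in msg.items():          # items() keeps duplicate fields
        key = name.lower()
        if key in SINGLETONS:
            counts[key] = counts.get(key, 0) + 1
    return {k: n for k, n in counts.items() if n > 1}

def signed_count(sig_value, field):
    """Count how many instances of `field` a DKIM-Signature h= tag lists."""
    for tag in sig_value.split(";"):
        name, _, value = tag.partition("=")
        if name.strip() == "h":
            listed = "".join(value.split()).lower().split(":")
            return listed.count(field)
    return 0

def enforce(raw):
    """Hypothetical receiver check, run independently of the DKIM result."""
    msg = message_from_bytes(raw, policy=compat32)
    bad = singleton_violations(msg)
    n_from = len(msg.get_all("From", []))
    covered = max((signed_count(s, "from")
                   for s in msg.get_all("DKIM-Signature", [])), default=0)
    return {"violations": bad,
            "from_not_covered": max(0, n_from - covered),
            "accept": not bad}

# Constructed sample: two From fields, signature lists From once.
SAMPLE = (b"DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=sel;\r\n"
          b" h=from:to:subject; bh=PLACEHOLDER; b=PLACEHOLDER\r\n"
          b"From: a@example.org\r\n"
          b"From: b@example.com\r\n"
          b"To: c@example.net\r\n"
          b"Subject: test\r\n\r\nbody\r\n")

if __name__ == "__main__":
    print(enforce(SAMPLE))
```

The check refuses the sample because of the repeated From field alone, whatever a DKIM verifier would report for it.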
