Re: [Ietf-dkim] DKIM Replay Problem Statement and Scenarios -01 draft posted

2023-02-14 Thread Scott Kitterman
On Tuesday, February 14, 2023 4:16:00 PM EST Evan Burke wrote: > On Tue, Feb 14, 2023 at 11:44 AM Michael Thomas wrote: > > On Tue, Feb 14, 2023 at 11:18 AM Michael Thomas wrote: > >> Have you considered something like rate limiting on the receiver side for > >> things with duplicate msg-id's?

Re: [Ietf-dkim] DKIM Replay Problem Statement and Scenarios -01 draft posted

2023-02-14 Thread Michael Thomas
On 2/14/23 1:16 PM, Evan Burke wrote: On Tue, Feb 14, 2023 at 11:44 AM Michael Thomas wrote: On Tue, Feb 14, 2023 at 11:18 AM Michael Thomas wrote: Have you considered something like rate limiting on the receiver side for things with duplicate msg-id's? Aka, a tar

Re: [Ietf-dkim] DKIM Replay Problem Statement and Scenarios -01 draft posted

2023-02-14 Thread Evan Burke
On Tue, Feb 14, 2023 at 11:44 AM Michael Thomas wrote: > On Tue, Feb 14, 2023 at 11:18 AM Michael Thomas wrote: > >> Have you considered something like rate limiting on the receiver side for >> things with duplicate msg-id's? Aka, a tar pit, iirc? >> > I believe Yahoo does currently use some

Re: [Ietf-dkim] DKIM Replay Problem Statement and Scenarios -01 draft posted

2023-02-14 Thread Michael Thomas
On 2/14/23 11:30 AM, Murray S. Kucherawy wrote: On Tue, Feb 14, 2023 at 11:18 AM Michael Thomas wrote: Have you considered something like rate limiting on the receiver side for things with duplicate msg-id's? Aka, a tar pit, iirc? As I recall that technique is sometimes not

Re: [Ietf-dkim] DKIM Replay Problem Statement and Scenarios -01 draft posted

2023-02-14 Thread Murray S. Kucherawy
On Tue, Feb 14, 2023 at 11:18 AM Michael Thomas wrote: > Have you considered something like rate limiting on the receiver side for > things with duplicate msg-id's? Aka, a tar pit, iirc? > As I recall that technique is sometimes not suggested because (a) we can't come up with good advice about

Re: [Ietf-dkim] DKIM Replay Problem Statement and Scenarios -01 draft posted

2023-02-14 Thread Michael Thomas
On 2/13/23 9:43 PM, Evan Burke wrote: On Fri, Feb 10, 2023 at 2:31 PM Michael Thomas wrote: On 2/10/23 2:10 PM, Evan Burke wrote: The M3AAWG BCP will cover recommended header signing/oversigning policies. I'll make sure that's shared here when it's published. Any idea

Re: [Ietf-dkim] DKIM Replay Problem Statement and Scenarios -01 draft posted

2023-02-14 Thread Alessandro Vesely
On Tue 14/Feb/2023 06:43:22 +0100 Evan Burke wrote: On Fri, Feb 10, 2023 at 2:31 PM Michael Thomas wrote: On 2/10/23 2:10 PM, Evan Burke wrote: The M3AAWG BCP will cover recommended header signing/oversigning policies. I'll make sure that's shared here when it's published. Any idea when