[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Replay attacks and ISP business models

To: ietf-mailsig@xxxxxxx
Subject: Re: Replay attacks and ISP business models
From: John Levine <johnl@xxxxxxxx>
Date: 6 Aug 2005 01:11:46 -0000
Cc: andy@xxxxxx
In-reply-to: <>
List-archive: <http://www.imc.org/ietf-mailsig/mail-archive/>
List-id: <ietf-mailsig.imc.org>
List-unsubscribe: <mailto:ietf-mailsig-request@imc.org?body=unsubscribe>
Organization: I.E.C.C., Trumansburg NY USA
Sender: owner-ietf-mailsig@xxxxxxxxxxxx

> It almost seems that replay can be detected just by monitoring the
> number of queries against a user key.

Only if you know in advance how many times a message will legitimately
be delivered and can see through the recipients' DNS caches to know
how many times a key was fetched, neither of which seems very likely.

Before we can describe a replay defense, the people who are concerned
about replay need to define what replay means, i.e., what's the
technical difference between a replay and a valid delivery.  The
definition can't require knowledge of people's mental states.

R's,
John

Follow-Ups:
- Re: Replay attacks and ISP business models
  - From: Michael Thomas
- Re: Replay attacks and ISP business models
  - From: Andrew Newton

References:
- Re: ] Replay attacks and ISP business models
  - From: Andrew Newton

Prev by Date: Re: MASS/DKIM BOF Summary
Next by Date: Re: Replay attacks and ISP business models
Previous by thread: Re: ] Replay attacks and ISP business models
Next by thread: Re: Replay attacks and ISP business models
Index(es):
- Date
- Thread