[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Replay attacks and ISP business models

To: "Douglas Otis" <dotis@xxxxxxxxxxxxxx>, "MASS WG" <ietf-mailsig@xxxxxxx>
Subject: RE: Replay attacks and ISP business models
From: "Hallam-Baker, Phillip" <pbaker@xxxxxxxxxxxx>
Date: Sun, 7 Aug 2005 17:40:42 -0700
List-archive: <http://www.imc.org/ietf-mailsig/mail-archive/>
List-id: <ietf-mailsig.imc.org>
List-unsubscribe: <mailto:ietf-mailsig-request@imc.org?body=unsubscribe>
Sender: owner-ietf-mailsig@xxxxxxxxxxxx
Thread-index: AcWbl+ZACydyYxqOQyyAzgSyFLVamwAGCCtA
Thread-topic: Replay attacks and ISP business models


> [mailto:owner-ietf-mailsig@xxxxxxxxxxxx] On Behalf Of Douglas Otis

> If replay does become a problem, then what is the response?  
> Should large domains then issue user-keys to everyone? 

There is actually little difference in per-user keys and signing the
sender field.

Per user keys only make a difference if they are individually
controlled.

 
>  The value of this acceptance is reduced when a signature 
> must also be checked against a third-party clearing house to 
> decide whether this represents a message being abusively replayed.

Are you arguing that the third party clearing house protocol is
absolutely essential for DKIM to have any value at all?

Prev by Date: RE: Replay attacks and ISP business models
Previous by thread: RE: Replay attacks and ISP business models
Index(es):
- Date
- Thread