The IESG has approved the following document: - 'Analysis of Threats Motivating DomainKeys Identified Mail (DKIM) ' <draft-ietf-dkim-threats-03.txt> as an Informational RFC This document is the product of the Domain Keys Identified Mail Working Group. The IESG contact persons are Russ Housley and Sam Hartman. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-dkim-threats-03.txt Technical Summary This document provides an analysis of some threats against Internet mail that are intended to be addressed by signature-based mail authentication, in particular DomainKeys Identified Mail (DKIM). It discusses the nature and location of the bad actors, what their capabilities are, and what they intend to accomplish via their attacks. Working Group Summary The DKIM WG easily reached consensus on the specific threats and on how to document them. A couple of participants had concerns that the document contained insufficient detail or was restricting design options, but these participants also want the DKIM WG to move on to protocol design. Protocol Quality As this is a threat analysis, there are no implementation issues. The DKIM WG chairs solicited review from some current and former IAB members, and received review from one, who was not totally pleased with the document, nonetheless he helped improve it. The main issue with such an analysis is that one can never know when the work is complete. The DKIM WG did expend significant effort on this document both in creating text and review. This document was reviewed by Russ Housley for the IESG. _______________________________________________ IETF-Announce@ietf.org https://www1.ietf.org/mailman/listinfo/ietf-announce
