Stephen Kent wrote:
Folks,
I thought that what Russ asked for was not a threat analysis for DKIM,
but a threat analysis for Internet e-mail, the system that DKIM proposes
to protect. The idea is that only if we start with a characterization of
how and why we believe adversaries attack e-mail, can we evaluate
whether any proposed security mechanism, e.g., DKIM, is appropriate,
relative to that threat analysis.

That's pretty much my guess, but at least 2 other people
guessed completely wrong. Which is really why I'm vexed
by this -- why should we have to be guessing in the first
place? As I said, at least 5 members of the IESG or IAB
piped up about this as if it were self-evident.

Here's something I wrote a while back which I intend to
dust off and propose as the basis for a formal requirements
draft that we have promised in our charter. Sections 4 and
5 are kind of what I would think of as being asked here as
a threat analysis, but as I've stated, I'm not really sure
that this jibes with what other people think is being asked
for.

http://www.mtcc.com/standards/draft-thomas-mass-req-00.txt

Mike

PS: this still needs some editing, especially in the requirements
section, so don't take this as my current position...