I thought that what Russ asked for was not a threat analysis for DKIM, but a threat analysis for Internet e-mail, the system that DKIM proposes to protect. The idea is that only if we start with a characterization of how and why we believe adversaries attack e-mail, can we evaluate whether any proposed security mechanism, e.g., DKIM, is appropriate, relative to that threat analysis.
This is more less my guess as to what's being asked for, although I disagree with the implication that DKIM proposes to protect email in its entirety. Regardless, others do not appear to agree and instead apppear to be doing very different sorts of analyses. Ned _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf