Re: Scope for self-destructing email?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 18 Aug 2017, Phillip Hallam-Baker wrote:
Seems like overkill.  How about you pay attention to the Supersedes:
(see RFC 2156 and RFC 4021, section 2.1.46) if old and new messages
both have DKIM signatures from the same domain?  Same question about
why after 20 years nobody uses it outside of netnews.
​DKIM almost helps but this is a data level feature and it really does not
work well with a presentation layer authentication scheme like DKIM.
I suppose, but you'd need something like DKIM if you want to prevent 
attacks where the bad guy splices his headers onto your message, and it 
has the advantage that it exists and is widely deployed.
It's certainly not perfect, e.g., any gmail user could supersede anyone 
else's unless gmail limited what headers they sign, but that doesn't seem 
like a high value attack.
And to make it work well, you have to start from a messaging infrastructure
where every message and sender can authenticate themselves
cryptographically from the beginning...​
 ... with a pony?

R's,
John

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]