On Fri, Jun 18, 2004 at 08:55:35PM -0700, Hallam-Baker, Phillip wrote:
Another example where SPF syntax comes unstuck.
A domain uses S/MIME authentication in addition to IP based auth. This
allows a mail message from a bank to display the logo of the bank in a
privilleged part of the display by means of the X.509 logotypes extension.
That sounds like something that belongs only in MUAs. I think that's way beyond
the scope of SPF and its ilk.
The following information is needed:
* express statement 'all mail is signed'
* express the message digest of the signing certificate
* express the algorithm supported.
I claim, quite fairly, that spf syntax can handle this.
Now consider the following complications:
* Also support pgp message format
* express different signing policies 'mail signed when extension
* handle the TLS protocol
* different key distribution structures - web 'o trust, xkms, domain
[ ... ]
This is not a theoretical proposal. The use of signed mail is already under
serious discussion in anti-phishing forums.
It all sounds pretty vague to me. Perhaps you could explain more of the details.
It took me less than half an hour to write a schema for this application in
XML. I don't think anyone could claim to write a parser for a corresponding
SPF syntax in the same time.
that doesn't make any sense. obviously defining a schema/format/syntax takes
less time than writing the code to actually read it.