[Top] [All Lists]

some message bullet-proofing

2004-01-16 14:46:25

    If we really want to make mail traceable, we need to do a bit more than
    fix Received.  As I see it, we need:

    - A message hash function that is invariant across the various kinds of
    munging that happens in mail transport, but still good enough for
    non-repudiation (though it probably won't be good enough to serve as a
    general-purpose signature)

    - A new header field which associates the message hash, originator-id,
    timestamp, and originating ISP or organization, which is signed by that
    originating ISP or organization, and which is easily verifiable by
    recipients or MTAs

This has some general utility, and is also needed for anything along the lines 
of the "domain keys" transit validation mechanism.


<Prev in Thread] Current Thread [Next in Thread>