Adam,
Paul kindly forwarded me a copy of his paper he sent out last year
which addresses the issue you raise.
The security hole can be eliminated with a simple nonce scheme, see
my earlier post.
Phill
-----Original Message-----
From: Adam Back [mailto:adam(_at_)cypherspace(_dot_)org]
Sent: Thursday, March 06, 2003 3:46 PM
To: Hallam-Baker, Phillip
Cc: Hadmut Danisch; asrg(_at_)ietf(_dot_)org; Adam Back
Subject: Re: pros and cons of RMX (Re: [Asrg] Declaration to
the world)
Phil wrote:
[...] If DNS is broken we can fix it for this application.
That was my request:
- RMX proposers should demonstrate fixes to it's security problems
- the deployment of any fixes to DNS should be considered part of the
deployment picture for RMX
(Deployment being probably the biggest challenge with any anti-spam
solution.)
Adam
mailfrom.txt
Description: Text document