Kee Hinckley wrote:
At 5:29 PM -0800 3/5/03, Hallam-Baker, Phillip wrote:
there. He wrote a challenge/response authentication callback
loop back in 1992 for the COMLINK mailer that we used to
publish the Clinton/Gore '92 (and the other candidates who made
it available) campaign litterature on the Internet.
The other problem with challenge/response systems is that there's a
missing link in the interface.
I go to a web site and purchase something. They send me an email
receipt. How exactly are they going to automatically get through my
challenge response? And don't say "you should have whitelisted them."
J. Random User is not going to do it unless it's as simple as hitting a
single button. Not to mention the question of "whitelist *what*?"
Their sales address? Their support address? Their domain? And using
what authentication system?
problem has been solved with stamps. I know I'm sounding like a broken record
(or will very shortly). The model is if you filter for stamps, then a robot can
attach a stamp to an auto response and it will get to your inbox. It's simple,
it's reliable, and if you make the right stamps, it's not easily exploited by
spammers.
by using stamps, you will eliminate any need for special white listing, domain
authentication, complicated dns reverse lookup rules and can be implemented
quickly and easily without major changes to infrastructure.
---eric
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg