
RE: [Asrg] MAC Constructed Message Ids.

2003-04-07 09:59:45

Alan,

        Much as I like the idea of public key signatures, I don't
think that messageID lengths are really compatible with public
key. Basically DSA is the only algorithm that will work (RSA
signatures are a minimum of 128 bytes these days) and that has
a few problems.

        The other problem you have is of binding, the message ID
cannot be bound absolutely to the message since you want to
be able to make minor modifications without issues. 

        The upshot is that if you want to add a public key signature,
that is a good thing to do, but specify a header for that purpose
rather than the message ID.

        There is certainly utility in an approach that is something
less overwhelming than S/MIME in order to combat spam. In particular
we only need to authenticate a single part of the message transfer
in this case, the hop from the border gateway of the sender to the
border gateway of the recipient. We don't need to worry about the
end to end integrity problem since this is not an end-to-end
problem.

                Phill


-----Original Message-----
From: Alan DeKok [mailto:aland(_at_)freeradius(_dot_)org]
Sent: Monday, April 07, 2003 12:30 PM
To: asrg(_at_)ietf(_dot_)org
Subject: Re: [Asrg] MAC Constructed Message Ids. 


"Hallam-Baker, Phillip" <pbaker(_at_)verisign(_dot_)com> wrote:
Let the MUA choose a random value X, store it in a place that
is persistent.

Each time a MessageID is constructed the following algorithm 
is used:

stem = date + serial + '@'
checksum = MAC (stem, X)
ID = stem + base32 (checksum)

  Alternately, use public/private keys to do something similar.  The
benefit there is that the public keys can be put into DNS, and
*anyone* can verify the validity of the Message-ID.

  Alan DeKok.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
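
The quoted construction (stem = date + serial + '@', checksum = MAC(stem, X), ID = stem + base32(checksum)), as an added example that is not part of the original thread. The choice of HMAC-SHA256 truncated to 80 bits, the '.' separator between date and serial, and all function names are assumptions made for illustration; only the holder of X can verify an ID, which is the limitation the public-key suggestion addresses.

```python
import base64
import hashlib
import hmac
import secrets

MAC_BYTES = 10  # assumption: truncate to 80 bits -> 16 base32 chars, no '=' padding


def _tag(stem: str, key: bytes) -> str:
    """checksum = MAC(stem, X), base32-encoded (HMAC-SHA256 is an assumption)."""
    digest = hmac.new(key, stem.encode("ascii"), hashlib.sha256).digest()
    return base64.b32encode(digest[:MAC_BYTES]).decode("ascii")


def make_message_id(date: str, serial: int, key: bytes) -> str:
    """ID = stem + base32(checksum), with stem = date + serial + '@'."""
    stem = f"{date}.{serial}@"  # '.' separator is an assumption
    return stem + _tag(stem, key)


def verify_message_id(message_id: str, key: bytes) -> bool:
    """Recompute the MAC over the stem and compare in constant time."""
    local, at, tag = message_id.rpartition("@")
    if not at or not local or not tag:
        return False  # malformed: missing '@', stem or checksum
    try:
        expected = _tag(local + "@", key).encode("ascii")
        presented = tag.upper().encode("ascii")  # base32 is case-insensitive
    except UnicodeEncodeError:
        return False  # non-ASCII input was never issued by this scheme
    return hmac.compare_digest(expected, presented)


if __name__ == "__main__":
    x = secrets.token_bytes(32)  # the persistent random value X (constructed here)
    mid = make_message_id("20030407", 1, x)
    print(mid, verify_message_id(mid, x))
    forged = mid.replace(".1@", ".2@")  # stem changed, checksum reused
    print(forged, verify_message_id(forged, x))
```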
