ietf-asrg

Re: [Asrg] Proposal for transition to authenticated email

2003-04-28 21:46:17
From: "Vernon Schryver" <vjs(_at_)calcite(_dot_)rhyolite(_dot_)com>
I advocate the use of SMTP-TLS, but it has a major defect for
authenticating mail.  It only authenticates one MTA to another, or
in some cases an MUA to an MTA or an MTA to an MUA.  It does not
authenticate the sender of the mail message itself.

And that is all that is necessary.  I don't think that authenticating the actual
sender is practical.  In order for sender authentication to be common it has to
be inexpensive and convenient.  In order to prevent spam, certificates need to be
expensive and/or inconvenient.  That is why I only propose that some party
(usually the ISP) be authenticated and responsible for enforcing antispam policy.

[...]

That may well be.  Note that the certificate authority is not the only
one doing policing, though.  If messages are authenticated, it is much
easier to detect abuse and filter it.  Even at $100 per cert, if abuse
is detected after 10,000 messages, that's $.01 per message, which may be
enough to dissuade the abuse.  Plus the certificate authority will have
at least some identifying and financial information to prevent the
abuser from acting again.
...

If any of that were true, then it would be equally true of ISPs.
Every SMTP message carries a practically unforgeable token identifying
and authenticating the previous hop ISP.  If certificate authorities
could be trusted to police customers that spend $100/year for a
certificate, then ISPs could be trusted to police customers that spend
$240/year for ISP service.

Well, if you really consider message headers unforgeable, you can skip the
cryptographic authentication! There are still a few differences from the current
system.  Instead of an MTA blacklist, you have an MTA whitelist.  Each ISP must
declare its policies and provide a means to check that it is abiding by them.
That's a pretty big difference, I think.

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg