ietf-asrg

Re: [Asrg] Consent Proposal

2003-07-02 10:24:44
On Wed, Jul 02, 2003 at 12:46:16PM -0400, C. Wegrzyn wrote:
> I'll just tell you what I designed..your mileage can vary. Trust was 
> established between two parties, out of band perhaps. Once that trust 
> was established all that was required was the use of X509 certs. A proxy 
> in front of the MTAs would do all the rest....

I /do/ like the idea in principle.
What do you think would be required to establish a web of trust large
enough to cover the current email infrastructure?
I know quite some mailadmins (some personally, some virtually for years)
good enough to "trust" them. We could exchange the keys and have a
small web of trust. What is the benefit? I cannot reject all emails from
mailservers I don't have a key for, or I won't have any customers in zero time.

Current practice is to trust everyone unless configured otherwise. I don't
see a chance for a system that works the opposite way in the near future.

What we need is a simple system that says "trust me" and that even
allows one to say "don't trust me" (because I am a workstation and probably
hacked or virus infected or abused).
And IMHO the cheapest, simplest and fastest method would be to associate
TXT records along with PTR records for IP addresses that would contain:
    "MTA=yes"
or
    "MTA=no"
and an optional abuse contact in the form of a URI like
    "MTA=yes;mailto:abuse(_at_)example(_dot_)com"
    "MTA=no;http://www.example.com/abuse/contact.html"

If no such record is available it's up to you whether you accept or not.

It wouldn't break any of the existing mechanisms like forwarding, it
wouldn't have problems with large DNS packets, it uses standard existing
methods and it's easy to deploy.
However it would be weaker than RMX or SPF or ...

        \Maex

-- 
SpaceNet AG            | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development |       D-80807 Muenchen    | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
 proportional to the amount of vacuity between the ears of the admin"
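
A sketch of how a receiving MTA could evaluate the TXT-beside-PTR records proposed in the message above; this is an added example, not code from the original post or from any ASRG draft. The lookup callback, the verdict strings, the accepted URI schemes (https is added to the two shown in the post) and the sample zone data are assumptions made for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample data: reverse name -> TXT strings (documentation IP ranges).
SAMPLE_TXT = {
    "25.2.0.192.in-addr.arpa": ["MTA=yes;mailto:abuse@example.com"],
    "77.100.51.198.in-addr.arpa": [
        "unrelated text record",
        "MTA=no;http://www.example.com/abuse/contact.html",
    ],
    "9.113.0.203.in-addr.arpa": ["MTA=maybe"],  # malformed on purpose
}


def sample_lookup(name):
    """Stand-in for a DNS TXT query (hypothetical helper, no network access)."""
    return SAMPLE_TXT.get(name, [])


def parse_mta_txt(txt):
    """Return (is_mta, abuse_uri) for one TXT string, or None if it is not
    a well-formed "MTA=yes" / "MTA=no" record."""
    flag, _, contact = txt.strip().partition(";")
    key, _, value = flag.partition("=")
    if key != "MTA" or value not in ("yes", "no"):
        return None
    contact = contact.strip()
    # Record content is untrusted input: keep the contact only if its scheme
    # is one we expect (assumption: mailto, http, https).
    if contact and urlsplit(contact).scheme not in ("mailto", "http", "https"):
        contact = ""
    return value == "yes", contact or None


def classify_client(ip, lookup_txt, default="accept"):
    """Return (verdict, abuse_uri) for a connecting IP address.

    The TXT record is looked up at the same name as the PTR record. With no
    usable record, or with conflicting yes/no records, local policy
    (`default`) decides, as the post leaves that case to the receiver."""
    name = ipaddress.ip_address(ip).reverse_pointer
    parsed = [p for p in map(parse_mta_txt, lookup_txt(name)) if p is not None]
    if len({is_mta for is_mta, _ in parsed}) != 1:
        return default, None
    is_mta, contact = parsed[0]
    return ("accept" if is_mta else "reject"), contact
```
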
