RE: [Asrg] 6. Proposals - Challenge/response - CRI

2003-08-21 07:57:33
I'm not sure that we have to approve anything...we just have to have a
protocol provide capabilities for interoperability..we don't have to
select a method..but rather design a protocol that will accommodate.

-----Original Message-----
From: asrg-admin(_at_)ietf(_dot_)org [mailto:asrg-admin(_at_)ietf(_dot_)org] On Behalf Of david nicol
Sent: Wednesday, August 20, 2003 7:12 PM
To: Deven T. Corzine
Cc: Yakov Shafranovich; Andrew Akehurst; asrg(_at_)ietf(_dot_)org
Subject: Re: [Asrg] 6. Proposals - Challenge/response - CRI

On Wed, 2003-08-20 at 12:42, Deven T. Corzine wrote:

I think the only really significant semantic suggestion I'm making
is that a hash of the body of a message should be included to
prevent forgeries of level-two systems.

That has been mentioned before and is a pretty good idea. It also
alleviates some privacy concerns since the originating MTA/MUA does not
have to store copies of messages, but can store MD5 hashes instead.

Using a hash is an obvious thing to do, but it begs the question of exactly
what you're hashing.  You can't safely hash the entire message because the
headers change on every hop, at least for Received: lines.  Other headers
might be mangled or normalized as well.  You can ignore the header, but it
would be good to validate parts of it.  Even if you just hash the body, you
have to be concerned about the message being mangled by intermediate MTAs.


I imagine one would hash all the MIME parts together.  Or do whatever
GPG does with a MIME message.  This bit has been solved, there is only
to select an approach and approve it.



--
David Nicol / If at first you don't succeed, use a bigger hammer.
                                        http://gallaghersmash.com


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
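
The "what exactly do you hash" problem raised in the quoted discussion (per-hop Received: lines, bodies re-encoded by intermediate MTAs), as an added example that is not part of the original messages. It uses SHA-256 in place of the MD5 mentioned in the thread; the header list, the canonicalization rules and the sample messages are assumptions of this sketch.

```python
import email
import hashlib

# Assumption of this sketch: these headers survive transit; Received: is excluded.
STABLE_HEADERS = ("from", "subject", "message-id")

def _canon_text(data: bytes) -> bytes:
    # Normalize line endings, strip trailing whitespace and trailing blank lines.
    lines = data.replace(b"\r\n", b"\n").replace(b"\r", b"\n").split(b"\n")
    lines = [ln.rstrip(b" \t") for ln in lines]
    while lines and lines[-1] == b"":
        lines.pop()
    return b"\r\n".join(lines) + b"\r\n"

def naive_digest(raw: bytes) -> str:
    return hashlib.sha256(raw).hexdigest()  # changes on any relay modification

def message_digest(raw: bytes) -> str:
    msg = email.message_from_bytes(raw)
    h = hashlib.sha256()
    for name in STABLE_HEADERS:
        value = " ".join(str(msg.get(name, "")).split())  # unfold, squeeze spaces
        h.update(f"{name}:{value}\n".encode("utf-8", "surrogateescape"))
    for part in msg.walk():
        if part.is_multipart():
            continue  # boundary strings may be rewritten; hash leaf parts only
        payload = part.get_payload(decode=True) or b""  # undo base64 / QP
        if part.get_content_maintype() == "text":
            payload = _canon_text(payload)
        h.update(part.get_content_type().encode() + b"\0")
        h.update(len(payload).to_bytes(8, "big"))  # length prefix per part
        h.update(payload)
    return h.hexdigest()

# Constructed sample messages (not taken from the thread).
HEAD = b"From: alice@example.org\r\nSubject: lunch\r\nMessage-ID: <1@example.org>\r\n"
ORIGINAL = (HEAD + b"Content-Type: text/plain; charset=utf-8\r\n"
            b"Content-Transfer-Encoding: 8bit\r\n\r\n"
            b"Caf\xc3\xa9 at noon?\r\nSee you there.\r\n")
RELAY_HEAD = (b"Received: from mx1.example.net by mx2.example.org\r\n" + HEAD +
              b"Content-Type: text/plain; charset=utf-8\r\n"
              b"Content-Transfer-Encoding: quoted-printable\r\n\r\n")
RELAYED = RELAY_HEAD + b"Caf=C3=A9 at noon?  \nSee you there.\n\n"
TAMPERED = RELAY_HEAD + b"Caf=C3=A9 at noon?\nSend money there.\n"

if __name__ == "__main__":
    for label, raw in (("original", ORIGINAL), ("relayed", RELAYED), ("tampered", TAMPERED)):
        print(label, naive_digest(raw)[:16], message_digest(raw)[:16])
```

A list that rewrites Subject: (for example by adding a tag) would break this digest, so the set of covered headers has to be agreed between sender and verifier.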