Bill Cole wrote:
At 11:45 PM -0500 12/6/03, Philip Miller wrote:
Here's a quick, off-the-cuff comparison of these two approaches:
LMAP Purpose: prevent domain name forgery of HELO/FROM
Domain Keys Purpose: prevent domain name forgery within message headers
Do we really know anything technical about DK? All I've seen is that
Yahoo press release, and it is pretty fuzzy. I wouldn't want to make
much in the way of technical conclusions cased on that.
I based that assessment on the text
Under Yahoo's new architecture, a system sending an e-mail message would
embed a secure, private key in a message header. The receiving system
would check the Internet's Domain Name System for the public key
registered to the sending domain.
If the public key is able to decrypt the private key embedded in the
message, then the e-mail is considered authentic and can be delivered. If
not, then the message is assumed not to be an authentic one from the
sender and is blocked.
Yes, it gets the mechnics of public-key crypto wrong, but the idea is pretty
clear.
Philip Miller
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg