At 07:49 AM 12/8/2003, Derek J. Balling wrote:
On Dec 7, 2003, at 6:04 PM, Mark Baugher wrote:
If DK means that each sender signs the message, then you have two
choices. One is to have a domain-wide private key, in which case it
must change regularly, as spammers will quickly obtain it.
I don't know why you would assume this.
If I am $BIGCORP with $BIGNUM of employees, there's going to be
less-than-honorable employees, there's going to be disgruntled
ex-employees. If the sender signs their own message then your company's
keys WILL get out into the wild.
I assumed that the MTA would have the private key and sign; not that the
mail operator would hand out a *copy* of a public/private keypair to each
sender. I have never heard of such a thing. Sorry that I missed that
aspect of the yahoo proposal, where did they say that?
Mark