The problem here is that you get a browser root key issue, the only people
who can offer service are the people who get looked at.
A beter approach is to add in a capability that allows people to say which
services have given them positive accreditations. This way the accreditatio
web is self booting.
The accreditation services could state that they should only be consulted if
cited as reference or that they have wider scope.
-----Original Message-----
From: Alan DeKok
Sent: Mon Dec 08 10:42:58 2003
To: asrg(_at_)ietf(_dot_)org
Subject: Re: [Asrg] 6. Proposals - DNS + PKI - Yahoo's "Domain Keys"
Yakov Shafranovich <research(_at_)solidmatrix(_dot_)com> wrote:
Having the ability of someone else vouch for a domain, is another
advantage of this approach (DK) over LMAP,
Current blacklists can be viewed as a way of third parties vouching
for a domain. The MTAMark proposal is similar.
Though the various documents don't say so, there's nothing to stop
an MTA from looking up LMAP information in a third-party database,
too. e.g. "domain.com._lmap_.example.com", or
"4.3.2.1.domain.com._lmap_.example.com"
Hmm... I'll add that to the discussion document as a possible method
of blacklisting domains which are known to host spammers. Leveraging
the LMAP infrastructure for a domain-based blacklist just makes
sense...
Alan DeKok.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg