Hallam-Baker, Phillip wrote:
What I meant is: isn't S/MIME with keys in DNS be the same thing as
DomainKeys?
No, different semantics, close but not the same.
Doesn't RFC 3183 uses a domain wide key? (there is some discussion on
the S/MIME list about using that for domain-to-domain security)
Why do we need accreditation? The whole point of Domain Keys
and similar
solutions, is to tie the email to the original domain, not a specific
accreditation authority.
The accreditation is what you would work on, the knowledge that someone has
bought a domain is not very interesting on its own.
If a specific piece of email can be traced to a specific domain, than it
is interesting. This would force spammers to use their own domains, and
will reduce both spoofing and phishing. In security and cybersecurity,
it is important to narrow the playing field and with these schemes we
can narrow them to spammer's own domains. Then other solutions can be
applied.
Yakov
-------
Yakov Shafranovich / asrg <at> shaftek.org
SolidMatrix Technologies, Inc. / research <at> solidmatrix.com
"Why are both drug addicts and computer aficionados both called
users?" (Clifford Stoll)
-------
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg