ietf-asrg
[Top] [All Lists]

Re: forged bounces, was [Asrg] A CAPTCHA that automatically

2005-06-02 21:33:50

Do we really have to figure out yet again why an automated C/R system
is inferior in every way to a signature system like Domainkeys?

I'm not defending C/R systems as I believe they are not feasible for widespread 
adoption.  The system I've been promoting has some slight overlap but is 
markedly different and superior to C/R.

DK in effect sends the answer to the challenge along with the original
message.  The recipient does the "challenge" by validating the message
checksum and and checking the singature against the sender's published
key.  It doesn't triple the mail traffic like C/R does,

Triple the mail traffic?  As I've previously described (and outline on my 
website) with the use of filtering we should expect no more than a 1-5% 
increase in traffic, depending on the efficacy of the filter.


it doesn't
require that senders remember all the mail they've sent to know which
challenges are to real mail and which to forged,

This 'remembering' in invisible and effortless as far as the sender is 
concerned.

and as a free added
bonus, it works today with several hundred million DK signed messages
being sent and delivered every day.

I support DK, but its existence doesn't mean we don't need to seriously pursue 
additional venues.

Michael G. Kaplan

-- 
_______________________________________________
NEW! Lycos Dating Search. The only place to search multiple dating sites at 
once.
http://datingsearch.lycos.com


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg