On Apr 14, 2006, at 1:15 PM, John Levine wrote:
I was wondering whether you received the two drafts that I
had sent you?
I did. Given the complete lack of interest everywhere
else, I doubt the answer in the ASRG is going to be any different.
Have I missed something?
It was Doug Otis' draft on the risks of SPF due to all of the DNS
queries that an SPF lookup can provoke. I don't see any thing
researchy
about it, and the issue is well known to everyone who cares about SPF,
so like I said to Doug, I don't see what we would do with it.
I have posted these drafts to the ietf. There will be an attempt to
demonstrate the threat and to make better measurements of these
estimates.
A little researhy... I agree with John, this should not be needed,
but some want to see this.
http://www.sonic.net/~dougotis/id/draft-otis-spf-dos-exploit-00.html
An alternative approach to that of SPF has been postulated for
comparison.
http://www.sonic.net/~dougotis/id/draft-otis-smtp-name-path-00.html
-Doug
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg