ietf-asrg
[Top] [All Lists]

Re: [Asrg] BATV + SPF roadmap

2006-09-05 10:12:06

On Tue, 5 Sep 2006, John Levine wrote:

Like it was mentioned, I would remind that BATV is a modification of
SES which came from SPF community.

Actually, it's the other way around.

You know I've been around during that time too - you better have very
good evidence before you make statement like above. Because I still
remember when you said you came up with BATV concept few days before
MARID's interim meeting in May 2004 and Wayne immediately told you
(or possibly to Dave Crocker - I think he was the one presenting it
on the meeting) that SPF had the same developed as SES and indeed spf-discuss archives how it's been developed a year before and its original form was exactly like BATV you introduced (difference in
encoding syntax but I'm sure you'd agree this is not important).
I can point everyone to correct archives of when it all happs and
can even point to your posts on SES's own list.

BATV came first under some other name that I forget now,

Please provide that name and evidence to back up what you said above.

SES added a lot of extra junk to it to come up
with what I have always seen as an inferior version of DK.

That was later version of SES which I tole the authors was bad
direction to take it to.

BATV is deliberately simple and works unilaterally, without recipient hosts needing to know anything about it.

SES can work just like that too. The only difference is that it
optionally to not only to answer if MAIL FROM is properly encrypted
but also to check on that by remote using dns and that can optionally
be referenced from SPF record. In fact same feature can be bullt on
BATV - the syntax is really not all that important.

The BATV documents point out that if there is a per-domain public key
system like DK or DKIM, it would not be hard to do a version of BATV
with signatures that could be verified remotely, but that is something
to think about after we're done with DKIM.

You originally wanted to also have public-key based BATV signature using DK public keys and I pointed out that size of the data you can put in
MAIL FROM is too small for you to use anything but 384k key which is
not going to be acceptable for security reasons (indeed DKIM minimum is
now 1024k).

--
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg

<Prev in Thread] Current Thread [Next in Thread>