(apologies for the delay)
Bart Schaefer wrote on 30 Nov 2008 13:39:41 -0800:
On Nov 30, 2:02pm, Alessandro Vesely wrote:
} Subject: Re: [Asrg] Mailing list signup handshakes
}
} Bart Schaefer wrote:
} >
} > We're just replacing postage with signup verification.
}
} Postage is for each message, signup for sender/recipient pairs.
If the point of verified signup is to filter mail for which there
has not been a signup, then the signup has to be re-verified on each
message.
Not really. After the first (lengthy) verification the sender gets a
token (actually a password) that it will re-use to send further
messages of the same sort.
Unless you're trusting the sender, in which case I refer
you back to several messages from RSK.
The sender is actually a relay doing inter-domain alias
expansion/explosion. Of course it may turn out to be non-trustworthy,
which would in turn put under discussion the assumptions that led to
granting it access.
Those whitelists are based on names rather than IP addresses, so they
may be more manageable than the whack-a-mole game.
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
https://www.irtf.org/mailman/listinfo/asrg