|
Re: [Asrg] VPNs vs consent
2009-06-25 11:23:36
Claudio Telmon wrote:
If you mean by shared consent that all receivers must agree on consent, I think it can' t be done in a usable way. However, shared addresses usually mean that the consent of one of the receivers suffices. Then, from a technical perspective, it can be partially done. Anybody can distribute tokens for the address, and upload them to the MTA database. Since it is the MTA database that matters for filtering, messages will be properly accepted/rejected. Should a token need to be invalidated, any of the receivers should be able to do it, even if the token is not in his7her address book, again because its the token on the MTA that matters. However, they will need to cooperate in order to understand e.g. whose system has been compromised, since only one will probably have associated the token to an address.
The main problem is, probably only one of the receivers will have a proper token for answers, unless some shared repository is implemented. I didn't consider this issue.
This is something which appear in other situations too : like users preferences management
(enable filtering, filtering threshold, ... to name some of them).
You can't do any inference about what to do : unanimity, majority, one win, ...
Eventually, the border SMTP gateway just know that an address rcpt(_at_)domain(_dot_)com shall be
routed to rcpt(_at_)dept(_dot_)domain(_dot_)com, but rcpt(_at_)dept(_dot_)domain(_dot_)com will be expanded into a dozen
address, when reaching the mailserver of dept.domain.com (which aren't known from the
border gateway).
The other problem I mentioned is multiple addresses (jose-marcio.martins_da_cruz,
jose-marcio.martins, martins, ...). I can't imagine managing preferences for each
identity, nor a system telling that each address is equivalent to some other one, in a
domain with, say, 10000 or more users.
Unless you're able to build an "usine à gaz" (as we say in France), with preferences for
each valid address, there isn't a clean solution.
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg
| <Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: [Asrg] request for review for a non FUSSP proposal, (continued)
- Re: [Asrg] request for review for a non FUSSP proposal, Claudio Telmon
- Re: [Asrg] request for review for a non FUSSP proposal, Seth
- Re: [Asrg] request for review for a non FUSSP proposal, Jose-Marcio Martins da Cruz
- Re: [Asrg] request for review for a non FUSSP proposal, Claudio Telmon
- [Asrg] VPNs (was: request for review for a non FUSSP proposal, Alessandro Vesely
- Re: [Asrg] VPNs vs consent, Jose-Marcio Martins da Cruz
- Re: [Asrg] VPNs vs consent, Claudio Telmon
- Re: [Asrg] VPNs vs consent,
Jose-Marcio Martins da Cruz <=
- Re: [Asrg] VPNs vs consent, Claudio Telmon
- Re: [Asrg] VPNs vs consent, Rich Kulawiec
- Re: [Asrg] VPNs vs consent, Claudio Telmon
- Re: [Asrg] VPNs vs consent, Jose-Marcio Martins da Cruz
- Re: [Asrg] VPNs vs consent, Claudio Telmon
- Re: [Asrg] VPNs vs consent, Jose-Marcio Martins da Cruz
- Re: [Asrg] VPNs vs consent, Rich Kulawiec
- Re: [Asrg] VPNs (was: request for review for a non FUSSP proposal, Claudio Telmon
- Re: [Asrg] VPNs (was: request for review for a non FUSSP proposal, Rich Kulawiec
- Re: [Asrg] VPNs, Alessandro Vesely
|
|
|