Folks,
On Fri, 17 Sep 2004 14:55:45 +0100, David Woodhouse wrote:
On whether we want to include a hash of the body (or a hash of the
RFC2822-signature header alone) in the BATV reverse-path itself: I'm
still not sure -- I'd be interested in a discussion of that idea.
One of the ways to validate a line of thinking is to see whether it gets
replicated indpendently.
David has done a very nice job of independently producing the reason for having
BATV present a framework, rather than a single mechanism. (The other is that
there is no public key 'winner' yet, so we could not choose just one.)
When one thinks of classic approaches to doing encryption-based security, the
solution space for RFC2821.MailFrom signing that is acceptable is rather
remarkable. It appears that astonishingly weak mechanisms can often be useful.
d/
--
Brandenburg InternetWorking
dcrocker(_at_)brandenburg(_dot_)com
+1.408.246.8253