RE: at last: draft-levine-mass-batv-00


On Sun, 2004-09-19 at 04:23 -0500, Seth Goodman wrote:

In any event, these sorts of extended discussions about extended
utility are fine to have, but it is potentially a rich space to
explore.  One needs to remember that, to date, no messaging-based
(or, for that matter, originator-based) public key signing scheme
has gained Internet-scale deployment and use.


I am aware of that reality.  It may be a fine point, but this is not a
public key signature.  It is a one-way keyed hash signature that can only be
validated by the originator.  But your point is well-taken.  A large part of
our motivation lies in the fact that it seems likely that SPF will come to
fruition.


In particular, I believe you're referring to the possibilities for the
recipient to validate an SES reverse-path by use of SPF and the 'exists'
mechanism, and a stunt DNS server. Or some similar technique.

While that is wise in terms of getting a general BATV spec on the standards
track, we are faced with a fairly narrow time window if we wish to see
something other than SRS or SUBMITTER and changes to 2822 Resent-* header
usage deployed with SPF.  The people who are currently working on SES are
very interesting in finishing a protocol and writing a spec within that time
window.  Most of us feel that SRS, SUBMITTER and the changes to 2822
forwarding practices would be very bad for the internet mail system.  Yet
the SPF crowd does not seem concerned, nor does MARID.  We have to offer a
real alternative, including a proven implementation, if we are to have a
chance at preventing this.


We run the risk of introducing an off-topic argument into a forum which
was previously at least _relatively_ harmonious. But I'll bite the
bullet and state that I'm reticent about the use of SPF itself for
verifying SES signatures. I think the marid-mailfrom draft needs to die
and it looks like it may well do so. If we want to use marid-protocol as
a basis for publishing a _separate_ 'marid-ses' scope option, that might
be a more useful way forward. 

I think we can find a way to do that in conjunction with something very
much like the existing BATV draft.

-- 
dwmw2

<Prev in Thread]	Current Thread	[Next in Thread>
Re: at last: draft-levine-mass-batv-00, (continued) Re: at last: draft-levine-mass-batv-00, Dave Crocker Re: at last: draft-levine-mass-batv-00, Andrew Newton Re: at last: draft-levine-mass-batv-00, John Levine RE: at last: draft-levine-mass-batv-00, Seth Goodman Re: at last: draft-levine-mass-batv-00, John Levine RE: at last: draft-levine-mass-batv-00, Seth Goodman Re: at last: draft-levine-mass-batv-00, John Levine RE: at last: draft-levine-mass-batv-00, Seth Goodman RE: at last: draft-levine-mass-batv-00, Dave Crocker RE: at last: draft-levine-mass-batv-00, Seth Goodman RE: at last: draft-levine-mass-batv-00, David Woodhouse <= Re: at last: draft-levine-mass-batv-00, Jim Fenton Re: at last: draft-levine-mass-batv-00, David Woodhouse Re: at last: draft-levine-mass-batv-00, Jim Fenton Re: at last: draft-levine-mass-batv-00, John Levine Re: at last: draft-levine-mass-batv-00, Andrew Newton Re: at last: draft-levine-mass-batv-00, Dave Crocker Re: at last: draft-levine-mass-batv-00, David Woodhouse RE: at last: draft-levine-mass-batv-00, Seth Goodman RE: at last: draft-levine-mass-batv-00, Seth Goodman Re: at last: draft-levine-mass-batv-00, John R Levine

Previous by Date:	RE: at last: draft-levine-mass-batv-00, Seth Goodman
Next by Date:	RE: Rambings on RFC2822 signatures., Seth Goodman
Previous by Thread:	RE: at last: draft-levine-mass-batv-00, Seth Goodman
Next by Thread:	Re: at last: draft-levine-mass-batv-00, Jim Fenton
Indexes:	[Date] [Thread] [Top] [All Lists]