On Wed, 6 Oct 2004, Tony Finch wrote:
I don't think we need crypto to authenticate the previous hop. TCP is
enough to authenticate the IP address. CSV gives us an authenticated
responsible name.
Agreed.
The whole point of MASS is it covers the whole journey of the
message.
I don't believe this is the "whole point of MASS", but I now understand
it might be straightforward to have every relaying MTA sign a message as
it passes. This would provide a traceable path. I don't think that's a
primary goal but I agree it's a point worth debating in the working
group.
Getting people to use TLS's authentication features with SMTP (not
counting message submission) would be an impressive feat. The
deployed base does a lot of unchecked opportunistic TLS, so if you
tried to use TLS with checks turned on you'd likely find a lot of
interop problems.
Although I agree with you it's not clear to me how you would distinguish
the resource needs of this development and deployment from that of a new
protocol to support MTA-MTA signatures. But then again, developers
often have their own ideas about what's hard and what's easy, for
unrelated reasons sometimes. :-)
Jim