ietf-mailsig
[Top] [All Lists]

Re: MASS Security Review document

2005-02-14 12:28:29

--- Tony Finch <dot(_at_)dotat(_dot_)at> wrote:


On Mon, 14 Feb 2005, John Levine wrote:

I don't know about you, but I would rather that people respond by
stopping the outgoing spam run than by running around and trying to
unsign mail that's likely already been received.

Doug suggested that you can do this by making the revocation mechanism act
as a rate-limiter. This allows you to impose much lower response
thresholds, and gives you extra time to work out if the behaviour is
actually abuse.

If the revocation id is not very cache-friendly, then it could be as granular
as a message-id.



Mark.


<Prev in Thread] Current Thread [Next in Thread>