On Sun, 6 Mar 2005, Hallam-Baker, Phillip wrote:
How about if there was a means of obtaining BOTH message and user level
revocation in one go?
Consider the following, we put a unique opaque identifier code in each
message which looks just like a base64 string:
Yrpwqefhkjfoiuh2q3poiu32198ry2qph23p8ru2==
Active code on the DNS server unpacks to a structure:
NameID : MessageID
Nah, why not just do a hierarchical query?
Base64(SHA1(messageID)).Base64(sha1(userID))._revocation.example.com
Standard DNS config can then be used to revoke the user or the individual
message:
*.Base64(sha1(userID))._revocation.example.com TXT "status=revoked
reason=spam"
This type of mechanism would have to be signalled in the policy mechanism so
the recipient knows whether to do the check or not.
My version of BATV puts the security token in the domain part of the
return path instead of in the local part, in order to support exactly the
kind of revocation you suggest. In addition, because most recipient sites
check that the domain parts of email addresses are valid, we'll get a good
idea of whether a particular return path is being used for spam (based on
DNS query volume), and if we revoke it it will stop most sites from
receiving the message whether they know about my scheme or not.
More about it on the web at:
http://www.cus.cam.ac.uk/~fanf2/hermes/doc/talks/2005-02-ukuug/
http://www.cus.cam.ac.uk/~fanf2/hermes/doc/antiforgery/cam.txt
Tony.
--
f.a.n.finch <dot(_at_)dotat(_dot_)at> http://dotat.at/
BERWICK ON TWEED TO WHITBY: NORTH OR NORTHWEST 4 OR 5. MAINLY FAIR. GOOD.
SLIGHT OR MODERATE.