ietf-mxcomp
[Top] [All Lists]

Re: Everyone back from Seoul yet?

2004-03-09 15:34:19

On Tue, Mar 09, 2004 at 02:08:28PM -0600, Gordon Fecyk wrote:
I believe we're talking about the e-mail address when we talk about identity.
It's the most visible and identifiable item.

The correctness of eMail addresses is identified with things like
PGP/GPG. Not even SPF or RMX(++) identifies addresses, but the domain
that is associated with a sending MTA and that is only part of the email
address.

Identifying eMail addresses (even more with DNS) is a large hole as it
would require to have a list of valid email addresses in DNS in a form
that a receiving MTA could validate them and that would make these lists
target to e.g. dictionary attacks helping the spammers to clean up and
fill up their lists.

Other databases could work,
ie: LDAP, and still be de-centralized (each domain running their own LDAP
server - and many do even if they don't know it).

But they don't run it publicly accessible (as least those who know what
they are doing) and they have reasons for it - see above.

        \Maex

-- 
SpaceNet AG            | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development |       D-80807 Muenchen    | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
 proportional to the amount of vacuity between the ears of the admin"