ietf-mxcomp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: sender vs author, channel vs object, designated sender vs crypto signatures

2004-03-18 20:04:03
from [Mark C. Langston] [Permanent Link] 

On Thu, Mar 18, 2004 at 09:38:14PM -0500, Yakov Shafranovich wrote:


Meng Weng Wong wrote:


Does anybody not agree that designated sender is the best way to combat
RFC2821 MAIL FROM forgery?  Show of hands please ...



I am not sure if it is the best way to do it, but it is one way to do it.



I share Yakov's position.



Does anybody not agree that crypto is the best way to combat RFC2822
header From: forgery?



While designated sender schemes can be used for fight header forgery 
(like CID does), they might be breaking too many things. The question we 
should be asking is whether we should be verifying the "from" header, 
not whether proposal X is better. 


Indeed.

-- 
Mark C. Langston                                    Sr. Unix SysAdmin
mark(_at_)bitshift(_dot_)org                                       
mark(_at_)seti(_dot_)org
Systems & Network Admin                                SETI Institute
http://bitshift.org                               http://www.seti.org
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: sender vs author, channel vs object, designated sender vs crypto signatures, Yakov Shafranovich
Next by Date:  Re: sender vs author, channel vs object, designated sender vs crypto signatures, Dave Crocker
Previous by Thread:  Re: sender vs author, channel vs object, designated sender vs crypto signatures, Yakov Shafranovich
Next by Thread:  Re: sender vs author, channel vs object, designated sender vs crypto signatures, Meng Weng Wong
Indexes:  [Date] [Thread] [Top] [All Lists]