ietf-mxcomp
[Top] [All Lists]

RE: RE: plan for april 5th xmpp conference...

2004-03-27 17:35:26

The 3 model picture follows from what has been said 
about 'use' and
'meaning'; that is, either prescribed by "authority", left to the
recipient, or hinted by the publisher. I would strongly 
support the 3rd
way. I guess that I'm coming to where you are from a 
different direction.

What I am saying is that the sender is not saying use a 
particular type of authentication, the sender is saying
"This address is frequently the target of impersonation
attempts, if you have the capability to perform rfc822
From verification it is important that you do so and great
weight should be placed on any negative finding".

That is not a directive to apply a particular type of 
auth, which the group is rightly seeing as an impractical 
proposition. But the targets of phishing attacks really
need a means today of saying 'take the sender address really
seriously'. I suspect that this requirement will become 
very much more widespread in the future.

        Phill


<Prev in Thread] Current Thread [Next in Thread>