ietf-mxcomp
[Top] [All Lists]

Re: Benefits/costs of authorizing different identities

2004-04-07 11:10:14


a mechanism that is based on smtp is a channel mechanism.  a mechanism
that has an arbitrary smtp server needing to trust information
provided from the origin is, by definition, a chain of trust model.

I think I know what you mean. If "trust" can be established *only* in that
channel, then yes, you'll have a chain of trust (possibly degenerate:
links, 1). If "trust" can be established otherwise (out of band), then you
don't need such a chain. I think you're putting the cart before the horse
here, and making an unwarranted assumption. It's yet to be determined that
we'd want to restrict ourselves to supporting establishment of trust (if
that's what we want to call it) in-band, or that any sort of "trust" model
is useful to us here.

That's me for today,
Regards,
JK