ietf-mxcomp
[Top] [All Lists]

Re: The roaming user problem is insoluble

2004-05-09 09:26:04

These are the options if you want to validate senders by IP. 

Which is not to say there aren't other options available.
Such as perhaps using PGP or S/MIME to provide certain verification and
trace record of user's identity or other crypto based mechanisms
(yahoo domain keys might be one if I ever get to see their specs)

Right.  The question is whether the benefits of attempting to validate
bounce addresses by IP are worth the hassle.  We have to address that
in view of the other options like signatures that don't depend on
bounce addresses in mail and IP addresses of senders.

It seems to me analyzing potential impact of these solutions would be
good task for research group, ASRG to be more particular

I agree, but in ASRG I was never able to whip up much interest in
doing experiements.  We can talk about what might happen forever
(some would say that's already happened) but we need experimental
data about what actually does happen.

That's why I think MARID should come up with something and publish it
as experimental or whatever the 0th step on the road to a standard is,
so people will at least have something that will either be accepted or
not.  My guess is that the answer will be "not" but we'll have no way
to know until there's enough experiments to make useful statements.

Regards,
John Levine, johnl(_at_)taugh(_dot_)com, Taughannock Networks, Trumansburg NY
http://www.taugh.com