Bill Mcinnis wrote:
I think what we are working on falls into the authorization part of this
charter, unless I have that defined wrong. Could someone please explain
the difference as you all see it just so I am clear. Again, I am trying
to find the right place to go with this and keep getting shot down. It
is frustrating because while you all are talking about getting working
code, we already have it.
AFAIK "Message Level Authentication", is concerned with answering "the
fundamental question plaguing email today: 'Did you really send me this
email?'", whereas this group has a charter to come up with a mechanism to
enable "those maintaining domains and networks
[...] to specify that individual hosts or nodes are authorized
to act as MTAs for messages sent from those domains or networks"
This difference may be easier to understand if you consider how you'd use
either system *without* a message in hand:
MARID:
Q. domain name, IP
A. Yes | No
Message Level Authentication:
Q. Did you really send me this email?
A. What email? What are you on about? Are you on drugs?
Regards,
JRK