On 6/18/04 1:40 PM, Bill Mcinnis sent forth electrons to convey:
Simplistically speaking, since domains/networks know how they are configured, why not have a mechanism that can sit on their domain and verify to those asking if a message came from their domain or network rather than trying to explain their whole setup to everyone? Likewise, for those receiving the message, have a mechanism that does the same thing in reverse. (For full disclosure, this process is also something we have patent claims and working code on.) That way you don’t have to list all of your users, IPs, basically diagram your whole network setup to everyone.

Does ML have patent claims on the factored approach for checking if a
domain has said an IP is in an authorized-to-mail part of its network?
I.e., DMP's $REV-ADDRESS-1.in-addr._smtp-client.$FQDN ? (Adopted by FSV.)

Stuff on factored being a good/bad idea:
From Meng's familytree.pdf:
"tradeoff: Block vs factored. Block records require more parsing, but
subsequent lookups suffer zero marginal DNS cost. Factored records need
less parsing, but each new negative means a new DNS lookup."

The following section of draft-irtf-asrg-lmap-discussion-01.txt
is relevant:

4.2. Network Infrastructure

Publication of LMAP information results in a readily available list
of IP addresses of hosts authorized to send messages associated with
a domain. These lists yield information about the network structure,
business relationships, and possibly other information about the
domain owner, as growing number of domains are owned by single people
or families. Such lists may also provide hostile parties with a list
of targets for possible attacks.

However, such information is often already publicly accessible
through other means. Anyone communicating with individuals at a
domain may readily obtain this information, and share it with anyone
else. Business relationships have been discovered, for example,
prior to official public announcements, by examining DNS records.

Nearly all such private information about network structure and
relationships may therefore be described as already being readily
available. If such information is to be kept secret, it is the users
responsibility to send messages in such a way as to keep that
information private.
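
The block vs. factored tradeoff quoted above, as an added example that is not part of the original message or of any of the drafts it cites. It builds the factored query name from the $REV-ADDRESS.in-addr._smtp-client.$FQDN pattern and counts DNS queries for each style against a constructed in-memory zone; the "allow" record value, the "_block" record name and its CIDR-list format are assumptions made for illustration.

```python
import ipaddress

def factored_qname(ip, domain):
    # Reversed IPv4 octets under in-addr._smtp-client.<domain>, per the pattern quoted above.
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + ".in-addr._smtp-client." + domain

class CountingResolver:
    """Constructed in-memory zone standing in for DNS; counts every query sent."""
    def __init__(self, zone):
        self.zone, self.queries = zone, 0
    def txt(self, name):
        self.queries += 1
        return self.zone.get(name)  # None models a negative answer

def check_factored(resolver, clients, domain):
    cache, verdicts = {}, []
    for ip in clients:
        name = factored_qname(ip, domain)
        if name not in cache:            # every previously unseen IP costs a lookup
            cache[name] = resolver.txt(name)
        verdicts.append(cache[name] == "allow")   # "allow" is an assumed record value
    return verdicts

def check_block(resolver, clients, domain):
    networks, verdicts = None, []
    for ip in clients:
        if networks is None:             # one lookup, then local parsing only
            record = resolver.txt("_block." + domain) or ""   # hypothetical record name
            networks = [ipaddress.ip_network(c) for c in record.split()]
        verdicts.append(any(ipaddress.ip_address(ip) in n for n in networks))
    return verdicts

# Constructed sample data (documentation address ranges, not real senders).
ZONE = {
    "1.2.0.192.in-addr._smtp-client.example.com": "allow",
    "2.2.0.192.in-addr._smtp-client.example.com": "allow",
    "_block.example.com": "192.0.2.1/32 192.0.2.2/32",
}
CLIENTS = ["192.0.2.1", "198.51.100.7", "198.51.100.8", "203.0.113.9", "192.0.2.1"]

def compare(domain="example.com"):
    f, b = CountingResolver(ZONE), CountingResolver(ZONE)
    return (check_factored(f, CLIENTS, domain), f.queries,
            check_block(b, CLIENTS, domain), b.queries)

if __name__ == "__main__":
    print(compare())
```

Both styles give the same verdicts for the five constructed connections; the factored checker sends one query per distinct client address, negatives included, while the block checker sends one query and evaluates every later address locally.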