ietf-mxcomp
[Top] [All Lists]

Re: Sender ID and CSV are complimentary (long - sorry) (was: Unified SPF overlaps with CSV)

2004-06-30 03:05:19

On Wed, 30 Jun 2004, Roy Badami wrote:

Based on the above, which I realize might involve a misunderstanding
of one or both proposals, it seems to me that Sender ID and CSV
attempt to tackly essentially unrelated subproblems within the MARID
problem space.

I think a lot of the confusion in this and other threads stems from
the fact that the two proposals tackle different subproblems, and many
WG participants are essentially focussed on just one of them.

I think the reason for this confusion is the layering confusion in
designated sender schemes. CSV is purely focussed on authenticating the
SMTP client, and only checks a single hop of the multi-hop message path;
it doesn't attempt to deal with end-to-end authenticity. Designated sender
schemes aim to check that the message was sent by the purported sender
(which is an end-to-end property, not hop-by-hop) but it does this by
checking the last hop, not by checking the original end-point. If you're
focussing on the last hop the two schemes can appear to be doing the same
thing, but you can see they are not by considering the layers.

Tony.
-- 
f.a.n.finch  <dot(_at_)dotat(_dot_)at>  http://dotat.at/
MALIN HEBRIDES: SOUTH OR SOUTHWEST 4 OR 5, OCCASIONALLY 6. RAIN IN EAST AT
FIRST, OTHERWISE SQUALLY SHOWERS. MODERATE OR GOOD.


<Prev in Thread] Current Thread [Next in Thread>