ietf-mxcomp
[Top] [All Lists]

Re: Who are we accrediting?

2004-06-30 22:06:25

On Thu, Jul 01, 2004 at 01:59:06AM -0000, John Levine wrote:
| 
| I realize that opinions differ, but I would like to see a scheme like
| CSV that uses an IP address to identify an MTA, and handle individual
| messages using something like Domain Keys that authenticates the
| message itself rather than a probably shared message source.  
| 

If Domain Keys signs messages at the MTA, the mix of good
and bad mail you mentioned will all acquire a DK signature.

Used in such a fashion, DK and SenderID both authenticate
the probably shared message source.

If we turn to per-user PGP, we end up with the same problem,
just shifted one level up: viruses will read secret keys and
keysniff passphrases, so PGP signatures emanating from an
owned machine are worth nothing also.


<Prev in Thread] Current Thread [Next in Thread>