ietf-mxcomp
[Top] [All Lists]

Re: comments on draft-rosenberg-sipping-spam-00.txt

2004-07-15 06:43:06

Andrew,

   Thus, instead of creating DNS entries containing the IP address of
   each legitimate relay for a domain, the provider can give each
   legitimate relay a certificate that allows them to authenticate
   themselves as coming from that domain.  Such a technique would work


 no said that public-key based client authentication was not possible.

 it is a perfectly reasonable idea.
 
 they said that it has not established any significant track record of use.

 blithely relying on a public key infrastructure ignores approximately
 15 years of failure to get one deployed and used on any large scale.
 
d/
--
 Dave Crocker <mailto:dcrocker(_at_)brandenburg(_dot_)com>
 Brandenburg InternetWorking <http://www.brandenburg.com>
 Sunnyvale, CA  USA <tel:+1.408.246.8253>, <fax:+1.866.358.5301>