> On Tue, 13 Jul 2004, Douglas Otis wrote:
> > Example of a Domain of Responsibility Tag:
> > C: MAIL FROM:<alice@example.com>
> >     DOR:t:"ddddd.dddddd";x:"ddddd";a:"ttttt";
> >         s:"tttttttt";
> >         b:"tttttttttttttttttttttttttttttttttttt";
> >         d:"alumni.almamater.edu";
> > (a:algorithm,
> >  t:time-stamp,
> >  x:expiry,
> >  b:base64 signature,
> >  s:selector,
> >  d:domain)
> Why not just get the originator's MSA to sign the original return path?
> This gives end-to-end authentication of the MSA, does not require any
> change to aliasing/forwarding systems or to SMTP, and works well with
> callback verification.
> Dave Crocker's BATV draft is a start at a specification.
After reviewing the Bounce Address Tag Validation (BATV) specification further:
http://www.brandenburg.com/specifications/draft-crocker-marid-batv-00-06dc.html
It seems possible to constrain <original local part+timestamp>/sig-type/sig
where the local part and timestamp are used to validate the message. The
order of these elements could be
<localpart+timestamp>/signature/selector
where selector identifies both the algorithm and the domain key
selector. Encryption excludes the selector where */selector may be used
to identify this type of local part address. The selector could be used
to perform the function of selecting the algorithm using a naming
convention and also selecting the key (tacked on the domain for a
DomainKey) such as selector.<domain>. The signature should allow the
recipient to check for forgeries where an expiry is determined by
convention as well. Accurately accrediting the originating domain would
be possible while only requiring a single DNS access! It could also
mean if the private portion of the key were shared with users, they
could send from any domain, but that would imply the domain was willing
to trust these individuals. For this to be used from the MUA and the
MTA, the presence of a selector would need to override the MTA
operation.
-Doug
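The tagged return path sketched above, worked through as an added example that is not code from this thread or from the BATV draft: the selector's prefix picks the algorithm, the key is found under selector.<domain> (a local dict stands in for that single DNS lookup), and expiry is a fixed number of days by convention. HMAC-SHA256, the five-digit day counter, the seven-day window and the "hs256-k1" selector naming are assumptions made for the illustration.

```python
import base64
import hashlib
import hmac
import time

# Constructed stand-ins for the DNS records published at selector.<domain>.
KEYS = {"hs256-k1.example.com": b"constructed-secret-key-do-not-reuse"}
ALGORITHMS = {"hs256": hashlib.sha256}   # selector prefix -> digest
EXPIRY_DAYS = 7                          # expiry fixed by convention

def _mac(alg, key, local, day, domain):
    """Signature over the original local part, the timestamp and the domain."""
    msg = f"{local}+{day:05d}@{domain}".encode()
    raw = hmac.new(key, msg, ALGORITHMS[alg]).digest()
    return base64.urlsafe_b64encode(raw).decode().rstrip("=")

def tag_return_path(local, domain, selector, day=None):
    """Rewrite local@domain to <local+timestamp>/signature/selector@domain."""
    day = int(time.time() // 86400) if day is None else day
    alg = selector.split("-")[0]
    key = KEYS[f"{selector}.{domain}"]          # stands in for a DNS lookup
    return f"{local}+{day:05d}/{_mac(alg, key, local, day, domain)}/{selector}@{domain}"

def verify_return_path(address, today=None):
    """Return the original local@domain if the tag is valid, else None.

    None covers untagged addresses, unknown selectors or algorithms,
    expired (or future-dated) timestamps and signature mismatches.
    """
    today = int(time.time() // 86400) if today is None else today
    local_full, _, domain = address.rpartition("@")
    parts = local_full.rsplit("/", 2)
    if len(parts) != 3:
        return None                               # not a tagged address
    tagged, sig, selector = parts
    local, _, day = tagged.rpartition("+")
    if not local or not day.isdigit():
        return None
    day = int(day)
    if not 0 <= today - day <= EXPIRY_DAYS:
        return None                               # expired or from the future
    alg = selector.split("-")[0]
    key = KEYS.get(f"{selector}.{domain}")
    if key is None or alg not in ALGORITHMS:
        return None
    if not hmac.compare_digest(sig, _mac(alg, key, local, day, domain)):
        return None                               # forged or tampered
    return f"{local}@{domain}"
```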