On Fri, 30 Jul 2004, Larry Seltzer wrote:
If you really want to trust that the contents of a email message was
authored by the person who claims to be the author, you need to use a
digital signature based authentication mechanism (e.g. S/MIME).
S/MIME isn't necessary to address this scenario, which does demonstrate
the basic flaw of any IP-based solution. Domain Keys would have stopped
it though.
At a cost of loosing legitimate email if you rely on and if intermediate
systems (mailservers, forwarders, etc) do not support DK. On the other
hand, s/mime is designed to be end-end system that works no matter what
intermediate system does with email.
If we're to build mail server signature insertion system (which is not a
bad idea since neither s/mime nor pgp are used widely by end-users, so
so we must "help" them out by having mail servers sign email instead and
verify it), then such system should should be similar to real email
signatures and be end-end capable, meaning you don't have to be the next
hop in email transmission to be able to verify the signature safely.
One such proposal paper is available at
http://www.elan.net/~william/asrg/mta_signatures.htm
--
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net