On Wed, 4 Aug 2004, Hallam-Baker, Phillip wrote:
http://www.imc.org/ietf-mxcomp/mail-archive/msg02817.html
http://www.imc.org/ietf-mxcomp/mail-archive/msg02818.html
These are pointers to issues that have already been raised, are not
considered critical and in any case fall far short of the claims
made by Dean of Death of the Internet: News at 11.
Not critical?! I'm expecting deployment of SPF and Sender-ID to cause
significant problems for my site, and I neither publish nor check these
DNS records. A protocol that causes problems for sites that do not
participate is seriously flawed.
Many of the work-arounds for the problems caused by designated sender
protocols weaken the protocols themselves (e.g. trusted-forwarder.org or
inserting a Resent-From: mailer-daemon(_at_)example(_dot_)com header before
every
Received: header) or weaken other existing security mechanisms (e.g. SRS
and open relays).
Of course the fundamental reason for the flaw is obvious: a trivial
failure to apply the end-to-end principle.
Tony.
--
f.a.n.finch <dot(_at_)dotat(_dot_)at> http://dotat.at/
BERWICK ON TWEED TO WHITBY: WEST OR SOUTHWEST 2 OR 3 INCREASING 3 OR 4. FAIR.
GOOD. SLIGHT OR SMOOTH.