Re: marid-submitter-02: Recipient's point of view

ietf-mxcomp

Re: marid-submitter-02: Recipient's point of view

2004-08-06 13:06:42


On Fri, Aug 06, 2004 at 09:25:44AM -0700,
 Hadmut Danisch <hadmut(_at_)danisch(_dot_)de> wrote 
 a message of 30 lines which said:

HELLLOOOO. Wake Up!


Not at this time of the day.

May I ask who in this working group has experience in designing
security protocols?


Not me. Now, what's the security problem? The draft says that the
*client* SMTP must derive SUBMITTER from the 2822 headers and that the
*server* SMTP should check that they still match.

Besides a lazy server which understands SHOULD as "if you please", can
you present a scenario where SUBMITTER fails, because the bad guy
forged the 2822 headers (something which is easy to do, we know it, no
need to be a security expert)?

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
marid-submitter-02: Recipient's point of view, Hadmut Danisch Re: marid-submitter-02: Recipient's point of view, Meng Weng Wong Re: marid-submitter-02: Recipient's point of view, Hadmut Danisch Re: marid-submitter-02: Recipient's point of view, Stephane Bortzmeyer SUBMITTER and PRA, Meng Weng Wong Re: SUBMITTER and PRA, Stephane Bortzmeyer Re: SUBMITTER and PRA, Meng Weng Wong Re: marid-submitter-02: Recipient's point of view, Hadmut Danisch Re: marid-submitter-02: Recipient's point of view, Stephane Bortzmeyer <= Re: marid-submitter-02: Recipient's point of view, Douglas Otis

Previous by Date:	The real reason MARID won't work, RE: testing of MARID proposals, Gordon Fecyk
Next by Date:	Re: testing of MARID proposals, Stephane Bortzmeyer
Previous by Thread:	Re: marid-submitter-02: Recipient's point of view, Hadmut Danisch
Next by Thread:	Re: marid-submitter-02: Recipient's point of view, Douglas Otis
Indexes:	[Date] [Thread] [Top] [All Lists]