Alternatives are in fact available, but those who know about it can not
share it right now since WG chairs have requested that until last call is
completed that people on this list evaluate current drafts that are based
on Sender-ID proposal. And I believe we should respecct WG chairs and IETF
process if we want to produce solution that IETF will be able to adopt as
standard, though what has been going on here for last week, really does
not look anything close to "last call" and that is not good for this WG.
But be assured that SenderID algorithm and PRA is not the only DNS based
client ip authorization system that can be used to authenticate email
origin as listed in RFC2822 headers.
However please do respect the hard work that has been done by all members
of this WG (no matter what company they work for) for last several months
and evaluate the proposed drafts based on technical elements and not
merely on the IPR issues. Besides, your technical evaluation may also
proove quite usefull for any other future WG proposal as well.
On Thu, 2 Sep 2004, Ryan Malayter wrote:
[wayne]
Since I believe that there are unencumbered alternatives
to the PRA algorithm that are *better*, the cost of the
license would have to be negative.
Please share them... I haven't read all of the non-sender-ID MARID
drafts, and a lot of the list posts. The volume is just too high.
What algorithm out there would be more effective than PRA at validating
the true sender of an email from the headers? And is not covered by the
MS IP?
Thanks,
Ryan
---
William Leibzon, Elan Networks:
mailto: william(_at_)elan(_dot_)net
Anti-Spam Research Worksite:
http://www.elan.net/~william/asrg/