ietf-mxcomp
[Top] [All Lists]

Re: co-chair judgment of consensus related to last call period of 23-Aug-2004 to 10-Sept-2004

2004-09-15 09:51:51

On Tue, 14 Sep 2004, David Woodhouse wrote:

The identity which is being checked at each hop would no longer be
directly related to the original sender of the mail, but merely serves
as a verified identifier for the entity which controls the mail server
in question, and can be used to determine a level of trust for that
server.

Therefore, the 'mail from' and 'pra' scopes should be considered equal,
not as complementary forms of 'authentication'. Once the whole world has
upgraded, each scope provides merely an arbitrary handle by which to
classify the mail host which is submitting a given mail.

Good point.  Multiple scopes only really seem to make sense
in a world where SPF isn't deployable ...

Rik
-- 
"Debugging is twice as hard as writing the code in the first place.
Therefore, if you write the code as cleverly as possible, you are,
by definition, not smart enough to debug it." - Brian W. Kernighan