[Top] [All Lists]

RE: Anti-spam news article / S/MIME Gateways

2004-06-22 11:15:37

Hi Craig,
While I understand you comments about closed groups. The real problem
with scaling beyond closed groups is, as you point out, trust
mechanisms. What I fail to see is why we need a different signature
format to deploy a more scalable trust mechanism. 

* -----Original Message-----
* From: owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org
* On Behalf Of Craig McGregor
* Sent: Monday, June 21, 2004 8:12 PM
* To: Russ Housley; ietf-smime(_at_)imc(_dot_)org
* Subject: RE: Anti-spam news article / S/MIME Gateways
* >Tumbleweed Chief Executive Jeff Smith says there's a lot of
* misunderstanding about
* >S/MIME, because it was created as a desktop encryption technology. He
* argues it's
* > also simple and cost-effective to use as a gateway authentication
* technology, and
* > that its quality advantages make it the best choice. Tumbleweed
* like to work
* > with Yahoo to merge their technologies.
* S/MIME gateway software in the context of a 'closed-community' is a
* proven method of authenticating the sending domains of e-mail messages
* and has been effective at blocking increased volumes of spoofed e-mail
* messages (providing they were sent from a participating domain). And
* cause using S/MIME encryption protects one from in-transit
* too!
* Applying what is quite managable in a 'closed-community' for an
* Internet-wide deployment would be somewhat more challenging though.
* Particularly around certificate deployment, trust-chains and
* auto-discovery (assume DNS for internet-wide; a 'closed-community'
* use LDAP). I think that is why domain keys proposes to trust DNS data
* being authorative without any further validation.
* Craig.