[Top] [All Lists]

Re: New Authenticated: header?

2005-03-10 11:25:22

At 12:14 PM 3/10/2005 -0500, Bruce Lilly wrote:

On Wed March 9 2005 16:18, John Leslie wrote:

>    If there were a header prepended at the time Authentication is done,
> it would make it possible to use its result as input to (possibly
> heuristic) filtering executed later; and _might_ open the door to a
> future in which a limited trust could be given to Received: lines after
> the first.
>    What do other folks think?

Some observations:
1. Message header fields can be trivially forged.

The key concept here is that these forgeries will be only in headers *below* the authenticated header of the trusted forwarder. The authentication results passed on by that forwarder could be very useful in spam filtering.

2. There has still been no concrete definition of precisely
   who or what is supposedly being authenticated, by whom,
   according to what criteria, or for what purpose.

These are implementation details, and are different for each authentication method. For now, I'm focused on the fundamental requirements shared by all methods.

5) If the message is forwarded, the results of authentication must be made
available to all subsequent receiving MTAs.  The format should be simple and
standardized to facilitate later blocking and filtering.

I do have a suggested implementation, appropriate for a chain-of-trust authentication method, and it may help clarify this discussion, but I don't want to get bogged down in debate over implementation details. John's suggestion could work equally well. - Implementation Examples (5)

First things first: first come up with a detailed definition for
the supposed "authentication", addressing the issues above.

Then, if and only if there is some reasonable purpose, there
might be some point in discussing how to pass information from
point to point.

Fundamental requirements first, then details of specific proposed implementations.

Does the above requirement capture what needs to be done in forwarding a message? Does it require too little? e.g. missing something that cannot be left to the specific authentication methods? Does it require too much? e.g. Does it place an unnecessary burden on an end-to-end authentication method like DomainKeys?

-- Dave

*************************************************************     *
* David MacQuigg, PhD              * email:  dmq'at'   *  *
* IC Design Engineer               * phone:  USA 520-721-4583  *  *  *
* Analog Design Methodologies                                  *  *  *
*                                  * 9320 East Mikelyn Lane     * * *
* VRS Consulting, P.C.             * Tucson, Arizona 85710        *
*************************************************************     *