At 01:48 PM 5/17/2005 -0400, Hector Santos wrote:
From: "Keith Moore" <moore(_at_)cs(_dot_)utk(_dot_)edu>
> 1) No one is going to trust what a client says. You need an "anchor"
> that he has basically no control of. Like the IP address.
> no, not like the IP address, because in general IP address has nothing to
> do with the sender's identity...
Keith,
I was implying some example "piece of information" that the SMTP client
itself can not easily change. I agree, IP is not the best example, but it
probably the best we have from a proof of concept and "anchor" example
today. Ironically, I did have it parenthically stated to make sure we
didn't get hung on it. But I decided to remove it and crossed my finger
that there woudn't be any nick picking.
> it will have even less to do with the sender's identity in the future
> than it does now.
You and I seem to have similar crystal balls.
I'm assuming that the information returned by a DNS query is our ultimate
"anchor". This in turn, depends on the security of routing tables,
physical access to wires and DNS servers, registrar's competence and
integrity, and lots of other worries, but all of that is outside the scope
of the present proposals. If these foundation blocks are solid, then it
should be possible for any authentication method, be it IP-based or
signature-based, to build on a simple neutral standard.
The Sender's Declaration of Identity is one piece of that standard. I
think of it as a kind of "broadcast license", but without government
regulation. You must tell me who you are before I will bother even looking
up your reputation. And if you make me do ten failed lookups in less than
an hour, I'll ignore your IP.
--
Dave
************************************************************ *
* David MacQuigg, PhD email: david_macquigg at yahoo.com * *
* IC Design Engineer phone: USA 520-721-4583 * * *
* Analog Design Methodologies * * *
* 9320 East Mikelyn Lane * * *
* VRS Consulting, P.C. Tucson, Arizona 85710 *
************************************************************ *