John C Klensin wrote:
But, in fairness to the proposal, the general idea has one advantage. If
one is concerned about source / originator identity and authentication,
having to make a real-time direct connection back to the sender's
repository permits thinking about much stronger methods than, e.g., header
signatures.
I'm pretty sure it permits nothing stronger at all.
So I need you to provide some detail.
I'll also note that a mechanism with this much cost -- especially at the
infastructure -- needs a proof-positive guarantee that it will provide
benefits, and not just that it makes benefits possible.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net