ietf
[Top] [All Lists]

Re: the curse of the S(imple) protocols, was: Re: e2e

2007-08-17 09:10:25

, while it gets no where near real
authentication, the ability to write a pair of rules that say 

      * if the message comes to "john+bbnk(_at_)example(_dot_)com", and
      isn't from an address in the "bigbank.com" domain, it is
      trash and can be discarded, and
      
      * if the message appears to come from the "bigbank.com"
      and isn't addressed to john+bbnk(_at_)example(_dot_)com", then it
      is trash and can be discarded.

turns out to be a powerful tool that is not easily defeated and
that does not require multiple handshakes between recipient and
putative sender.
I've been using it for years, and entirely agree.

Keith


_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf