Re: a few short notes2004-02-02 09:49:51On Feb 2, 2004, at 2:12 AM, Paul Smith wrote: Having the 'chain of trust' idea is a vast improvement over what we have now, wouldn't be too hard to implement (IMHO) Since any email system can connect to any other email system, if my email system contacts your system to hand off a piece of email, how do you build that chain of trust, since you don't know my system? You can authenticate who I am, but that's not trust, that's just removing forgery capabilities (sort of). If I try to hand you a message from Bill(_at_)microsoft(_dot_)com, SPF could tell you whether to accept it if I claimed it was generated on my site, but what if I claimed it was generated on microsoft's server and (acting as a man in the middle) that it's being relayed through me? relays are necessary in the corporate world, and so are backup MX systems, and neither are covered by SPF. What if I really am a gateway or fallback MX that legitimately got that mail? chains of trust are easy (easier) if you trust the first link in the chain, but in j-random-internet-connections-universe, building that first link is suprisingly tough, and if you can't trust the site you're talking to, any information they give you has to be suspect. I'm not saying your idea if wrong or bad, just that it's not nearly as easy to implement as your IMHO seems to imply. If it was, we'd have layered it onto SMTP by now.. (grin)
|
|
||||||||||||||||