On 2/2/2004 10:49 AM, Chuq Von Rospach wrote:
If I try to hand you a message from Bill(_at_)microsoft(_dot_)com, SPF could
tell
you whether to accept it if I claimed it was generated on my site, but
what if I claimed it was generated on microsoft's server and (acting as
a man in the middle) that it's being relayed through me?
That's why you need to validate the path also. Having per-hop recursive
signatures of a canonical sender certificate would give recipient systems
the ability to validate each hop individually as well as the sender's
identity, separately or individually. It would also give recipients the
ability to filter against problematic hosts, and not just senders.
--
Eric A. Hall http://www.ehsco.com/
Internet Core Protocols http://www.oreilly.com/catalog/coreprot/