spf-discuss
[Top] [All Lists]

Why not just use S/MIME or GPG signatures?

2003-10-07 00:10:30
I just found out about SPF, so please forgive me if this question has already been asked and answered. (I did read the FAQ, and didn't find it there).

This proposal seems to entail a lot of complexity and work for a result that is admittedly not 100% effective and will also inconvenience many end users. There's a much simpler way to verify senders: S/MIME or GPG signatures. Either or both schemes are already implemented on many mailers, though they aren't used much. Why not just put your collective weight behind getting them used?

With message signatures, no kludgey changes to the DNS or to mail servers are required. All the work can be done at the end points, and the choice whether to accept or ignore a certain message is under recipient control where it belongs. And I can continue to send my email direct to its recipients from any IP address I happen to be visiting.

Phil

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription, please go to http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡