spf-discuss
[Top] [All Lists]

Re: new draft RFC under construction

2003-10-10 23:19:37
On Fri, Oct 10, 2003 at 10:49:27PM -0500, wayne wrote:
| 
| SPF does not authenticate anything, it authorizes the use of the
| domain name by a given IP address.  The IP address is authenenticated
| via the sufficiently-random sequence numbers in the TCP packets.  GPG
| authenticates people, but does not provide any authorization.  These
| are two different concepts.
| 

good comments, thanks.  I'll update accordingly when I get a moment.

I'm camping two tents over from Paul Vixie and we had a good talk about
SPF tonight.  As you might expect, he's thinking several steps ahead,
about end-to-end schemes and webs of trust based on degrees of
separation.  His criticisms of SPF (and his original proposal,
MAIL-FROM, from five years ago) are that the reputation schemes may end
up in a Verisign scenario; or that the major ISPs will want to adopt
telephony termination economic models, to the detriment of the public;
the Internet wasn't supposed to be about private clubs and gated
communities.  Still, I think we can reach agreement that it's an
acceptable stopgap measure.

More tomorrow as we discuss further.

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡