spf-discuss

RE: proposed PGP mechanism for SPF

2004-01-15 06:20:26
Let's get Jon Callas from PGP involved here.

Jon is very keen on authenticating the server (domain) rather than the user
in this case.


        Phill

-----Original Message-----
From: Meng Weng Wong [mailto:mengwong(_at_)dumbo(_dot_)pobox(_dot_)com]
Sent: Wednesday, January 14, 2004 11:18 PM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Cc: prz(_at_)mit(_dot_)edu; marty(_at_)martylyons(_dot_)com
Subject: [spf-discuss] proposed PGP mechanism for SPF


On Wed, Jan 14, 2004 at 10:39:27PM -0500, Meng Weng Wong wrote:
| SPF is completely compatible with S/MIME and PGP; the only reason we
| haven't defined a mechanism for them is because, well, nobody asked for
| it.  Shall we put one in?

mechanism pgp:domain-spec

  A message is authenticated, and this mechanism returns PASS, if the
  public key obtained by a TXT query against the domain-spec confirms
  the signed message content.

  domain-spec is expanded with the usual macros.

  If the message content does not match the public key, the message is
  not authenticated, and the mechanism evaluates to FAIL.  A receiving
  MTA may indicate its rejection during an SMTP transaction after
  receiving the ".".  Alternatively, it may accept it, but subject it to
  content-filtering or whatever.

  Message content outside the signed area should be discarded by the
  receiving MTA.

http://www.imc.org/smime-pgpmime.html describes a number of RFCs
including RFC1847 and RFC2015.  I don't know if they're up to date but
the basic idea is there.

Comments welcome.  Regrettably, I haven't auto-signed my mail with PGP
in a while.  (I had to stop when my mother complained that Outlook
Express kept putting "all these weird attachments" on her desktop.)

This turns into DomainKeys pretty easily: instead of making the
signature a MIME part, you shove it into the headers, and then you just
tell everyone to pretend that the entire message body is the signed
part.  Does that sound right?  It's late.

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname(_at_)


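The evaluation flow of the `pgp:domain-spec` mechanism proposed in the message above, sketched as an added example; it is not code from the original post or from any SPF implementation. It assumes a constructed in-memory TXT table in place of DNS, a hypothetical `key=n,e` TXT record format, support for the `%{d}` macro only, FAIL when no key is published (the proposal does not say), and it swaps textbook RSA over SHA-256 in for real PGP signature verification.

```python
import hashlib

# Constructed toy RSA key built from two Mersenne primes; far too small for real use.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held by the sending domain

# Constructed stand-in for DNS: name -> TXT strings. "key=n,e" is an assumed format.
TXT = {"_pgp.example.org": [f"key={N:x},{E:x}"]}

def digest(content: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(content).digest(), "big") % n

def sign(content: bytes) -> int:
    """Sender side: sign the bytes that will form the signed area."""
    return pow(digest(content, N), D, N)

def expand(domain_spec: str, sender_domain: str) -> str:
    """Macro expansion; only %{d} (the current domain) is handled in this sketch."""
    return domain_spec.replace("%{d}", sender_domain)

def lookup_key(name: str):
    """TXT query against the expanded domain-spec; returns (n, e) or None."""
    for txt in TXT.get(name, []):
        if txt.startswith("key="):
            n_hex, e_hex = txt[4:].split(",")
            return int(n_hex, 16), int(e_hex, 16)
    return None

def eval_pgp(domain_spec, sender_domain, signed_area, signature, unsigned_extra=b""):
    """Return (result, content_to_deliver) for the pgp:domain-spec mechanism."""
    key = lookup_key(expand(domain_spec, sender_domain))
    if key is None:
        return "FAIL", None  # assumption: the proposal is silent on a missing key
    n, e = key
    if pow(signature, e, n) != digest(signed_area, n):
        return "FAIL", None  # content does not match the published public key
    # PASS: unsigned_extra is deliberately dropped, since content outside the
    # signed area is to be discarded by the receiving MTA.
    return "PASS", signed_area
```
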

