spf-discuss
[Top] [All Lists]

Re: verifying the message instead of just it's path

2004-01-20 22:21:44
On Tue, Jan 20, 2004 at 11:19:25PM -0600, Thor Kooda wrote:
| > | A simple, un-intrusive hash+pubkey system could be used to verify that 
| > | messages really did come from where they appear to have come from.
| > 
| > This is more or less domainkeys.  Yahoo needs to publish a spec for it.
| 
| except that this method allows anyone to use the existing dns hierarchy
| to distribute (and revoke) keys, as well as rotate them as often as they
| like, so that faster (less secure) keys with a shorter key length may be
| used.  -and with no CA, it's PKI is free.

Yahoo DomainKeys does match that description.

There is no CA for DK.

It's reasonably well designed.


-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡