On Tue, Jan 20, 2004 at 11:19:25PM -0600, Thor Kooda wrote:
| > | A simple, un-intrusive hash+pubkey system could be used to verify that
| > | messages really did come from where they appear to have come from.
| >
| > This is more or less domainkeys. Yahoo needs to publish a spec for it.
|
| except that this method allows anyone to use the existing dns hierarchy
| to distribute (and revoke) keys, as well as rotate them as often as they
| like, so that faster (less secure) keys with a shorter key length may be
| used. -and with no CA, it's PKI is free.
Yahoo DomainKeys does match that description.
There is no CA for DK.
It's reasonably well designed.
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡