On Wed, Feb 11, 2004 at 06:36:38PM +0000, Roy Badami wrote:
| >>>>> "Meng" == Meng Weng Wong <mengwong(_at_)dumbo(_dot_)pobox(_dot_)com>
writes:
| Meng> What do you think of the new Mail::SRS algorithm?
|
| Only skimmed it, but it looks good.
|
| I'm uneasy about the 11-year wrap around of the timestamp, though.
| Are we confident that these won't get archived anywhere? I can't see
| any reason why they should end up in list archives and the like, but
| if they do then come 2015 spammers might start using old archives.
|
| Most of these addresses will no longer be valid, of course, but a few
| will be, and this will probably make SRS (and those hosts running it)
| rather unpopular amongst long-time Internet users.
|
I expect Mail::SRS to contain a series of secrets:
my @secrets = ("recent", "older", "oldest");
The validity period is, what, 1 month? Then we can rotate through
secrets on a monthly basis.
Old secrets will be honoured, but new messages will only be generated
with the first secret on the list.
If the secrets are not reused in 11 years that will solve it.