On Wed, Feb 18, 2004 at 04:03:44PM -0600, mw-list-spf-discuss(_at_)csi(_dot_)hu
wrote:
In particular, how can one avoid Eve to use an SRS-ed
envelope sender address as a return address to send spam?
Because Eve doesn't know the secret value used to generate the hash.
Bounces with invalid hashes are discarded. This is the whole point of the
cryptographic component.
And then please talk about a generic implementation of cryptography:
why do you think hashes are fine to use here; then talk about secret
distribution and accessibility, etc.
Hashes are much simpler and faster to implement than public key
cryptography, but sufficient for the purpose here. The same secret key used
to sign a hash is used to verify it (but the systems which forward a message
and receive a bounce in reply to a forwarded message are either the same
system, or two systems under the same administrative control). The keys are
not distributed elsewhere.
Brian.