spf-discuss

Re: Sender forwarding

2004-04-22 14:34:48
On Thu, Apr 22, 2004 at 07:39:25AM -0500, Seth Goodman wrote:
> Your point is well taken when it comes to greeting card sites, etc.  I would
> never give out my password (or hash secret) to a site like that, despite any
> assurances that they give.  The SES verification solution only works for
> sites that you trust not to harvest/sell your information.

Call me paranoid, but I won't even trust the hospital's site. Even if
they don't sell the data themselves, your generic Evil Hacker <tm> might
break in and well.. 

> Untrusted sites that you wish to send mail from are a problem no matter how
> you deal with them.  If you allow/encourage them to accept and trust any

I'd say the sending party (in this case the greeting card site or the
hospital) is responsible for what they sent. If they choose to accept
random email addresses from some web interface, and send out mail
pretending from that address it is their responsibility, and any bounces
should be directed at them. They could set a Reply-To if they want to
make it possible to send something back to the pretended sender.

> you are entering your account name and password again at their site.  An old
> school method would be to verify the address by sending a confirmation
> message that the user would have to answer before trusting the address.  The
> user would respond through their mail client, if on their own computer, or
> through a webmail interface in a new browser window that the user manually
> opened on a foreign computer.  This is secure on your own machine but less
> so on someone else's.  What do you suggest?

I don't like the shuffling around with keys and passwords, third
parties, etc. I think someone else said something earlier on this list
about keys that bind to channel/person combinations, not just persons. I
think that is already more sensible. But what I said above would be the
best way to go about it in my opinion (Reply-to if they want, but take
care of the bounces themselves).

Koen

-- 
http://www.sonologic.nl/

