-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tuesday 29 June 2004 11:58 am, Meng Weng Wong wrote:
Thank you for an accurate and comprehensive roundup of the issues.
On Tue, Jun 29, 2004 at 10:51:04AM -0700, Jonathan Gardner wrote:
| (5) Add additional checks for authenticity in SPF, or leave that as an
| option. This would make it so that an SPF result cannot be obtained in
| all cases before the message is sent. In particular, Domain Keys may
| require the entire message to be sent, and so checking Domain Keys will
| have to cause SPF to return a "NEED MORE INFO" result before the
| checking can resume and be completed. Perhaps PGP or S/MIME could be
| used for this purpose as well.
I should point out that even with PGP the authenticity
problem can arise.
A PGP signature on a message merely means that the signing
identity was once authorized to represent a human author.
If a virus snags the secret key using a keysniffer device,
the virus becomes capable of identity theft, and the
analogous situation obtains.
:)
It is important that as we discuss security and such we remember that the
goal isn't to make a 100% secure system. We are only trying to be "more
secure" or "secure enough". There are security holes in any proposal. Even
burying your computer with the power plug unplugged and embedded in
concrete isn't perfectly secure. Someone can still dig it up and break off
the concrete and plug it in.
So maybe the option of ignoring this is sufficient.
- --
Jonathan M. Gardner
Mass Mail Systems Developer, Amazon.com
jonagard(_at_)amazon(_dot_)com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFA4gdDBFeYcclU5Q0RAhI7AJ0ecWPaGGbIdph16Dd1VfsB7xAbygCffjmH
MH9zDzEd9L9rsxSVstjeHRA=
=br/u
-----END PGP SIGNATURE-----