spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: SPF and Responsibility

2004-07-22 12:42:05
from [terry] [Permanent Link] 
-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com]On Behalf Of Daniel 
Taylor
Sent: Thursday, July 22, 2004 3:13 PM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re: [spf-discuss] SPF and Responsibility


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

terry(_at_)ashtonwoodshomes(_dot_)com wrote:
|>-----Original Message-----
|>From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
|>[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com]On Behalf Of Mark 
Shewmaker
|>Sent: Thursday, July 22, 2004 2:35 PM
|>To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
|>Subject: RE: [spf-discuss] SPF and Responsibility
|>
|>
|>On Thu, 2004-07-22 at 07:39, terry(_at_)greatgulfhomes(_dot_)com wrote:
|>
|>>You are correct in that the wording of the spec is misleading.
|>
|>This is the current wording:
|>
|>  5.2  Pass
|>
|>    An SMTP server receiving this result SHOULD treat the message as
|>    authentic.  It may accept or reject the message
depending on other
|>    policies.
|>
|>How is that misleading?
|>
|
|
| It's misleading because "the message is authentic" might be better
worded as "the sender domain of
| the message is authentic"
|
| And that's because I suspect to a lot of people authentic means:
| (1) Conforming to fact and therefore worthy of trust,
reliance, or belief
| Rather then:
| (2) Having a claimed and verifiable origin or authorship
|
| (1) is what something like PGP does
| (2) is really what SPF does

Not in the least.
You have a misguided idea of what "trust" means in this context.


No, I don't, I interpret "authentic" to mean (2).  But I'll bet Mark Shewmaker 
believes it means
(1).

And FYI:  I took those 2 definitions of "authentic" straight out of websters 
dictionary, hence there
is potential for a LOT of people who may believe authentic means (1) rather 
then (2).



All trust means here is that you are who you say you are.

Iff you believe authentic means (2).


There is no value judgment on content expressed or implied
by trust in the security sense.


I agree 100%

Terry Fielder
Manager Software Development and Deployment
Great Gulf Homes / Ashton Woods Homes
terry(_at_)greatgulfhomes(_dot_)com
Fax: (416) 441-9085
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: SPF and Responsibility, David Brodbeck
Next by Date:  Re: Is SPF serving the best interests of the end-user?, spf
Previous by Thread:  Re: SPF and Responsibility, Daniel Taylor
Next by Thread:  RE: SPF and Responsibility, Mark Shewmaker
Indexes:  [Date] [Thread] [Top] [All Lists]