spf-discuss
[Top] [All Lists]

Re: Re: Good Domain List one step closer to reality (actually two steps)

2004-08-18 00:13:04

No certificate will ever tell if a mail is spam or ham.  It merely tells you
that the person who bought the certificate filled in the right forms, met
some peers who vouch that they think he is who he says he is and think they
know where he lives.  Have you never heard of stolen identities?  One of the
biggest rackets going I believe - should be no problem for a dedicated
spammer...

Forget certification it does _nothing_ to tell you if a mail is likely to be
spam or not.

Slainte,

JohnP.
johnp(_at_)idimo(_dot_)com
ICQ 313355492




----- Original Message -----
From: "guy" <pobox(_at_)watkins-home(_dot_)com>
To: <spf-discuss(_at_)v2(_dot_)listbox(_dot_)com>
Sent: Wednesday, August 18, 2004 2:48 AM
Subject: RE: [spf-discuss] Re: Good Domain List one step closer to reality
(actually two steps)


If what you say is true....Cool!  And free!

I must take a look and see.

Thanks,
Guy

Humm... I did not intend to rhyme, not that time.


-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] On Behalf Of 
Stuart D. Gathman
Sent: Tuesday, August 17, 2004 7:46 PM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: RE: [spf-discuss] Re: Good Domain List one step closer to reality
(actually two steps)

On Mon, 16 Aug 2004, Guy Watkins wrote:

Also, if certificates are free, spammers and hackers can get one just as
easy as me.  So what good are they?  Good for testing, sure.

Verisign only vouches that the name and address on the cert are real and
that that entity applied for the certificate.

cacert.org does the same thing - only better.  To get a named cacert.org
cert you have to meet in person with at least 2 local "Assurers" (members
with high enough trust and experience points) who will assure that you
are the person on your drivers license or whatever.

It is easier to fool verisign - and several have done so already.

Either can be bribed.  But with cacert.org you have to get 2 experienced
assurers (or 5 novices) to agree to the bribe - and guess right the first
time.

--
      Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703
591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in Atlanta
features
SPF and Sender ID.
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in Atlanta
features SPF and Sender ID.
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com


<Prev in Thread] Current Thread [Next in Thread>