spf-discuss
[Top] [All Lists]

Re: Opening Debate on SPF vs. SenderKeys

2004-08-20 08:25:57
Given that: "The IPR and license of SenderKeysTM will be detailed later 
in a separate document." How do you expect anyone here to take you 
seriously at this time?


Fair enough.  See the page again.  Added that the license will be free.


they might just take some idea(s) mentioned in that discussion and
claim them as part  of 'their IP', for which rights and licenses are not
yet known


If you invent something first, or provide convincing prior art by discussing it 
first,
and we can not prove we invented before you did, then it isn't our invention.  
That
is my understanding of US patent law.  May be different in other countries.



putting javascript inside <noscript></noscript> is 
probably not the best idea


See the page again.  Corrected.


The way things are going all I can see is that every one will have 
their own "anti-forgery" solution and the mess will continue


This is indicative of defects in previous proposals.  A solution which
has no major defects or unreasonable costs will unify.


So what is proposed here is that all the potential spam is to be 
auto-responded 


If a "From:" address is blacklisted, you can be fairly sure it *IS* spam,
not just potentially spam.


Well that's going to double my bandwidth costs caused by spam.


If your ISP or AccuSpam server side is doing it, it does not cost you
anything.  Besides as senders adopt, the responses stop because
the forgery has been identified.


force all my friends and relations to do something 
technical with their MTA's SMPT 


No it only requires people, who are being forged and already receiving a lot
of bounces, to upgrade the MUA (not MTA), i.e. their email client program.


And including the private key in the auto-response sounds a bit daft too


I agree.  It should be changed to request mechanism, where the MUA does
a request over secure channel such as HTTPS.  Will modify the specification.


And who or what is  "SenderKeysTM authority" controlled by?


That is the power and elegance.  It is isn't controlled by any one entity.


left hand menu of your site is just short of being unreadable 
in Mozilla 1.8a3 


That is indicative of Mozilla problems.  At < 1% marketshare, that buggy
browser is not mainstream, nor worth effort to code for.

Looks perfect in IE.

Thanks,
Shelby