spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re[2]: Re: DEPLOY: SPF/Sender ID support in Courier.

2004-08-28 11:05:35
from [AccuSpam] [Permanent Link] 
At 10:18 PM 8/28/2004 +1000, you wrote:

A> server.  Please support SenderKeys (or something like it) and also

Bad idea. crypto stuff stomps on loads of legitimate middlemen,



If the crypto is in a header and the middleman stomps on the header, and the 
header is properly self-contained, then the worse that happens is the signing 
does not happen at the recipient.



costs dearly in bandwidth and CPU,



Disagree on transfer bandwidth.  It is just a header, as the Received-SPF is a 
header.  Might be 500 bytes longer or so, but nothing drastic.

It does cost CPU, and so do most improvements in computer software.  Spam and 
forgery costs us a lot also.



is very complicated,



I believe it is no more complicated than SPF, some ways less so.  This could 
begin a huge debate, so if you want to debate this, then e-mail me off list or 
at SenderKeys discussion list and then we can report back here our summaries.  
No sense in arguing that on list at is will encompass many things already 
discussed.



prone to
export regulations and patents,



Weaker forms are not subject to export regulations.  There are ways to work 
around this, as evident by the fact that browsers with SSL exist in most places 
in the world.

Some technologies are patented but not all.



and introduces a range of new security
problems -


I have dicussed some of these in SenderKeys discussion list and I find so far 
that no one has raised a security issue that was not also a security issue for 
SPF.  If you want to debate, again let's do it off list or in anothe venue of 
your choice.




all with absolutely no benefit over plain old SPF.



The benefits and tradeoffs of per-domain and per-user authorization are quite 
clear and pronounced.  Each has strengths where the other is weak.



A> If I was Microsoft I would be stupid not to leverage their
A> majority marketshare in clients, and minimize the leverage of
A> internet-wide (non local network) servers where they are minority.
Yep - they're not stupid - with Pack 2 they've just said "fuck you" to

[...]

opening their crap. Sheesh MS can be arrogant and dumb, even when
they're busy trying to not be stupid.


I understand your point and it is well taken.  However, there is a saying, "it 
is better to lose the small battles to win the war".

Microsoft has won every war.  That is pretty smart to me.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Fwd: Out of Office AutoReply: SPF deploymentfriction, Greg Connor
Next by Date:  RE: Can SPF support subdomain reputation?, AccuSpam
Previous by Thread:  Re[2]: Re: DEPLOY: SPF/Sender ID support in Courier., christopher
Next by Thread:  Re: Re[2]: Re: DEPLOY: SPF/Sender ID support in Courier., Paul Howarth
Indexes:  [Date] [Thread] [Top] [All Lists]