On Mon, 29 Nov 2004, Seth Goodman wrote:
Crypto accelerators would obviously solve the problem. As a hardware
engineer who works with DSP's, I would personally benefit from an expanded
market for such accelerators. Designing them is both enjoyable and
profitable for me. However, as an Internet citizen, I would not like to see
that become part of the price of admission for email.
I have no objection to DK as long as the domains in question also
publish SPF. There is no significant load to *publish* a DK key.
The extra work is only for verifying a DK key. If I don't need
rfc2822 forgery protection, then I won't verify DK. I must say
that if I *did* need 2822 checking, I prefer DK to senderID - since
all that work does provide significant confidence in the authenticity.
I think we should push SPF for DK people, explaining that SPF
_enhances_the_performance_of_DK_ by rejecting 2821 forgeries before
SMTP DATA and before any RSA crypto need be done.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.