spf-discuss

RE: Attacking Domain Keys

2004-11-30 17:01:20


-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com [mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] On Behalf Of Seth Goodman
HMAC-SHA1 is a form of MAC, as I'm sure you'll agree.  SES 
uses HMAC-SHA1 signatures and SHA-1 digests, so it seems to 
meet your exception. Apparently, it is possible to have a 
signature scheme that is less complex and costly than RSA.

And as I pointed out, a symmetric keyed MAC algorithm does not work for the
problem that DK is addressing.

The use in SES is only possible because the signature only needs to be
verified by the party that generated it. It is possible to apply similar
techniques in the manner of Kerberos and SSL but these are both complex
multi-trip protocols that would require an entire redesign of the email
communication protocol to make use of.

The use of these techniques was not rejected through ignorance of them as
you appear to believe. 


Non-existent?  SPF-Discuss has archives and so does 
SES-Devel.  Read the archives, search under my name and SES 
and please stop the name-calling.

If you give no hint as to the context then there is no way that I can tell
what you might be referring to.

I have been designing crypto protocols for over a decade. You do not have
the standing in that community to dismiss others with 'go read the
archives'. 
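
Added example, not part of the original message or of the SES or DomainKeys code: a short Python sketch of the point argued above, that an HMAC-SHA1 tag can only be checked by a party holding the signing secret, which suits a scheme where the signer validates its own tags but not one where arbitrary receivers must verify. The secret, the message layout and the function names are constructed for illustration and are not the real SES token format.

```python
import hashlib
import hmac

# Constructed values for illustration only; not the real SES token format.
ORIGIN_SECRET = b"constructed-secret-held-only-by-the-origin-domain"
SAMPLE_MESSAGE = b"alice@example.org|2004-11-30"


def sign(secret: bytes, message: bytes) -> str:
    """Return the HMAC-SHA1 tag over message, hex encoded."""
    return hmac.new(secret, message, hashlib.sha1).hexdigest()


def verify(secret: bytes, message: bytes, tag: str) -> bool:
    """Recompute the tag with the same secret and compare in constant time."""
    return hmac.compare_digest(sign(secret, message), tag)


def origin_validates_own_tag() -> bool:
    """Signer and verifier are the same party, so one secret is enough."""
    tag = sign(ORIGIN_SECRET, SAMPLE_MESSAGE)
    return verify(ORIGIN_SECRET, SAMPLE_MESSAGE, tag)


def receiver_without_secret_can_verify() -> bool:
    """An unrelated receiver holds no copy of the secret, so the check fails."""
    tag = sign(ORIGIN_SECRET, SAMPLE_MESSAGE)
    receiver_key = b"receiver-does-not-hold-the-origin-secret"
    return verify(receiver_key, SAMPLE_MESSAGE, tag)


def secret_holder_can_mint_valid_tag() -> bool:
    """If the secret is handed out so receivers can verify, every holder can
    also produce tags the origin would accept: verifying power is signing power."""
    shared_copy = ORIGIN_SECRET  # the copy a receiver would need in order to verify
    unsent_message = b"not-sent-by-origin@example.org|2004-11-30"
    tag = sign(shared_copy, unsent_message)
    return verify(ORIGIN_SECRET, unsent_message, tag)


if __name__ == "__main__":
    print("origin validates its own tag:     ", origin_validates_own_tag())
    print("receiver without secret verifies: ", receiver_without_secret_can_verify())
    print("any secret holder mints valid tag:", secret_holder_can_mint_valid_tag())
```

A public-key signature separates the two roles: the verification key can be published without giving anyone the ability to sign.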

