I'm a noob to the spf list, so forgive me if this has been brought up
before.
What about a PKI signature of each message?
-----Original Message-----
From: David Macquigg
We need a database (registry?) that will respond quickly to a single
packet
from the sender. That database needs to be widely distributed, with
every
little domain having authority to make changes at its leaf in the domain
tree. It needs to be reasonably secure and very robust, with confidence
built over years of large-scale deployment. It needs a caching
mechanism,
so repetitive queries can be answered without going all the way to the
original records each time. Does it sound like I'm describing something
that already exists? We just can't beat DNS for providing the
underlying
machinery we need for the proposed "registry".