From: Mark Berry
Date: Tue Mar 22 2005 - 22:14:06 EST
I'm a noob to the spf list, so forgive me if this has been brought up
before.
Welcome to the discussion. For an introduction to email authentication see
http://en.wikipedia.org/wiki/Email_Authentication
What about a PKI signature of each message?
DomainKeys uses a digital signature and avoids the need to authenticate
each transfer. The fundamental problem I see with digital signatures is
that the message has to be fully transferred all the way to its destination
before it can be rejected. I really like the possibility that
IP-authentication offers of rejecting spam before transferring the message,
at a cost not much more than the spammer has to pay to send it. Another
problem is that we have no simple standard way to decide en-route if a
message is using IP-authentication or a signature. So it looks like all
messages will have to checked at each hop anyway.
-- Dave
************************************************************* *
* David MacQuigg, PhD * email: dmq'at'gci-net.com * *
* IC Design Engineer * phone: USA 520-721-4583 * * *
* Analog Design Methodologies * * *
* * 9320 East Mikelyn Lane * * *
* VRS Consulting, P.C. * Tucson, Arizona 85710 *
************************************************************* *