spf-discuss

Re: IESG and the Sender's Identity

2005-04-13 09:42:43
On Tue, 2005-04-12 at 17:07 -0700, David MacQuigg wrote: 
At 06:34 PM 4/12/2005 -0400, Mark Shewmaker wrote:

The neutrality has to do with how the sender declares its ID, not how that 
ID is authenticated.  I think you are reading too much into what I 
proposed.  This is a trivial matter technically, but one that might make a 
big difference politically.

I see no reason why a recipient should pay any attention to a forger
requesting the check of one particular credential over another.

The SMTP model we're working under doesn't have us using or designing an
authentication-method negotiation system between the sender and
recipient.

I don't see much negotiation here.  The sender will say "Here is my ID. 
Take it or leave it."

No, the sender has no choice about giving most credentials, (helo,
mailfrom, pra, other headers, etc.).

You suggest that the potentially forging sender point out one credential
among others, a credential that the recipient would then agree to be the
one he ran authentication tests using, (which is why I found this similar
to doing a "negotiation", and expanded from there.)

So what do you do if your sender is using CSV, and you are expecting SPF?

You're confusing two different meanings of "sender":

  1.  There's the use of the word "sender" that refers to the spf
      and csv publishers, namely the domain owner, and

  2.  There's the use of the word "sender" that refers to
      the person or machine that's possibly trying to forge
      an email transmission.

Only the first type of "sender" can publish CSV or SPF, not the second,
but your "ID" proposal had the *second* type telling the recipient which
credential to use, not the first.

The confusion in wording is more apparent if you rework the question:
"So what do you do if the forger is using CSV, and you are expecting
SPF?"

My answer to *that* question would be:

1.  The forger can't publish the CSV or SPF record to begin 
    with.

2.  I will ignore any special requests that the forger might
    make asking me to use a particular authentication method
    over others.

The sender should have no input whatsoever in how the recipient decides
to authenticate the credentials that the sender can't help supplying.

You seem to be assuming that the sender will provide DNS records for any 
method that the receiver might prefer.  I think it is more likely the other 
way around.  The sender will choose its preferred method, and the receiver 
must comply.

The domain owner can certainly choose to only publish his favorite
authentication method records, but if someone else tries to forge mail
to me and asks I only use particular IDs as you suggest, I'd ignore that
forger's requests and look only at what the combination of the domain
owners' policies and my policies say.

-- 
Mark Shewmaker
mark(_at_)primefactor(_dot_)com
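
Added example, not part of the original message: a sketch of the receiver-side selection logic the reply argues for, where the checks to run come only from the domain owners' published records and the receiver's own policy. The `requested_method` hint field, the domain names and the `PUBLISHED` table (a stand-in for DNS lookups) are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed stand-in for DNS: methods each domain OWNER has published records for.
PUBLISHED = {
    "mail.example.org": {"csv"},
    "example.org": {"spf"},
}

# Receiver's own policy: which method it will run against which identity, in order.
LOCAL_POLICY = [("helo", "csv"), ("helo", "spf"), ("mailfrom", "spf")]

@dataclass(frozen=True)
class Session:
    helo: str                                # credential the sender cannot avoid giving
    mail_from: str                           # credential the sender cannot avoid giving
    requested_method: Optional[str] = None   # hypothetical sender-supplied hint

def plan_checks(session: Session) -> list:
    """Return the (identity, domain, method) checks the receiver will run.

    The plan is the intersection of what the domain owners publish and what the
    receiver is willing to check. session.requested_method is never read.
    """
    identities = {
        "helo": session.helo.lower(),
        "mailfrom": session.mail_from.rsplit("@", 1)[-1].lower(),
    }
    plan = []
    for identity, method in LOCAL_POLICY:
        domain = identities[identity]
        if method in PUBLISHED.get(domain, set()):
            plan.append((identity, domain, method))
    return plan

if __name__ == "__main__":
    # Constructed sessions: a legitimate relay, and a host forging example.org
    # that asks the receiver to look only at CSV.
    legit = Session("mail.example.org", "alice@example.org")
    forged = Session("bulk.example.net", "alice@example.org", requested_method="csv")
    print(plan_checks(legit))
    print(plan_checks(forged))
```
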

