> SES is effectively just BATV with a slightly different
> syntax,

No. SES is more different than that.

In looking at:

"The Signed Envelope Sender (SES) Protocol"
<http://ses.codeshare.ca/files/Working_SES_Format_Definition_16.pdf>

Section 1.
> ....
> Recipients of SES signed messages can verify the
> return-path and in most cases the 2822 sender address by requesting
> validation from each sending domain.

and

Section 2.
> ....
> The digest signature validates the return-path and
> ensures that the message headers and body are the same ones originally
> sent with that return-path.

BATV pertains to the rfc2821.MailFrom command and has nothing at all to do
with any RFC2822 header content.

SES's attempt to correlate the MailFrom address with anything else is a
basic difference from BATV.

We could also explore SES's much more elaborate signing algorithm, but since
BATV is extensible, it's not much of a stretch to imagine someone adding a
scheme on the order of what SES uses.

On the other hand:

Section 5.4
> ....
> The service is
> through custom UDP server, DNS or SMTP, as designated by the sender in
> the V character of the SES-signed return-path.

The requirement for cross-net query, in order to perform validation, is a
massive increment in overhead from the basic algorithm used by BATV.

The barrier to adoption is a fundamental concern for new protocols, and the
requirement for the cross-net query is at least a quantum higher barrier
than BATV imposes.

d/
---
Dave Crocker
Brandenburg InternetWorking
+1.408.246.8253
dcrocker a t ...
WE'VE MOVED to: www.bbiw.net
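
Added example, not part of the original message or of either specification: a sketch of the local check a BATV-style `prvs` tag allows on the rfc2821.MailFrom address. It uses only the signer's own key, with no cross-net query and no RFC2822 header or body input. The tag layout (K, DDD, six hex digits of an HMAC-SHA1) is assumed from the BATV draft's `prvs` scheme; the key, lifetime and addresses are constructed.

```python
import hashlib
import hmac

# Constructed demo key table, indexed by the key-number digit K (assumption).
KEYS = {0: b"constructed-demo-secret"}
TAG_LIFETIME_DAYS = 7  # assumed validity window for a signed address


def _mac(k, ddd, mailfrom):
    """Hex of the first three bytes of HMAC-SHA1 over K, DDD and the address."""
    msg = f"{k}{ddd:03d}{mailfrom.lower()}".encode()
    return hmac.new(KEYS[k], msg, hashlib.sha1).hexdigest()[:6]


def sign(mailfrom, today, k=0):
    """Rewrite user@domain into prvs=KDDDSSSSSS=user@domain.

    `today` is the current day number (days since the epoch).
    """
    ddd = (today + TAG_LIFETIME_DAYS) % 1000  # expiry day, modulo 1000
    return f"prvs={k}{ddd:03d}{_mac(k, ddd, mailfrom)}={mailfrom}"


def verify(rcpt_to, today):
    """Check a bounce recipient locally; return the original address or None."""
    if not rcpt_to.lower().startswith("prvs="):
        return None  # unsigned address: not a bounce to mail we signed
    tag, sep, original = rcpt_to[5:].partition("=")
    if not sep or len(tag) != 10:
        return None
    if not (tag[:4].isascii() and tag[:4].isdigit()):
        return None
    k, ddd = int(tag[0]), int(tag[1:4])
    if k not in KEYS:
        return None
    expected = _mac(k, ddd, original).encode()
    if not hmac.compare_digest(tag[4:].lower().encode(), expected):
        return None  # forged or altered tag
    # Accept only while the expiry day is still at most the lifetime ahead.
    if (ddd - today) % 1000 > TAG_LIFETIME_DAYS:
        return None
    return original
```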