On Wed, Apr 05, 2006 at 02:44:28PM +0200, Werner Koch wrote:
On Tue, 4 Apr 2006 13:37:35 +0000, Julian Mehnle said:
What do folks -- especially the gnupg-devel ones -- think about using SPF
for that purpose? Are there any non-obvious fundamental issues that need
to be taken into account?
I consider SPF far to complex to solve the simple goal of
authenticating the source of an email. It does not stop spam , as
this requires content filters and the jurisdiction and won't
authenmticate the full message.
And indeed: spf does not authenticate the source of an email,
neither is the intention to stop spam (although that is a nice
side effect).
SPF authorizes relays of an email, and is intended to stop spoofing.
However, SPF could assist other technologies. It could communicate
to the receiver that certain mail should be GPG signed, where the key
can be fetched, etc.
Alex
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com