spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [spf-discuss] Re: TENBOX/E as an AUTH type

2007-03-31 20:10:30
from [Michael Deutschmann] [Permanent Link] 
On Sun, 1 Apr 2007, Frank Ellermann wrote:

This feature was intended so that a SMTP client could authenticate
*itself* to another,


I'm not sure if that's the case, AUTH= is a MAIL FROM parameter for
individual messages.


You've misread the sentence -- here it is again with some extra
clarification in {}s.

"This feature was intended so that a SMTP client could authenticate
*itself* to another {using the ordinary AUTH command}, yet indicate that a
given mail's origins were either not authenticated or authenticated to be
from somebody else {using the AUTH= argument to MAIL FROM:}"

BTW, it's good for our purpose that AUTH= is per message, since this
would allow a forwarder MTA to collect messages which need different
TENBOX tokens attached and send them all in a single connection.


Or did you mean the "red tape" for new SASL mechanisms ?  I think
that's considerably worse than registering SMTP extensions.  BTW,
the SASL folks recently decided to ditch DIGEST-MD5, better ignore
the DIGEST-MD5 reference in 2554bis.


I'm just going by the fact that section 2.2.2 of RFC 2821 [ESMTP] says
regarding new ESMTP extensions:

# Each service extension registered with the IANA must be defined in a
# formal standards-track or IESG-approved experimental protocol
# document.  The definition must include:
# [...]

While section 7.1.1 of RFC 4422 [SASL] gives a mail-in template requesting:

# SASL mechanism name (or prefix for the family):
# Security considerations:
# Published specification (recommended):
# Person & email address to contact for further information:
# Intended usage:
# Owner/Change controller:

So for ESMTP it seems one must submit to the RFC sausage-machine to bag a
keyword.  Meanwhile, to reserve a SASL keyword, it's merely "recommended"
to have any spec at all...

---- Michael Deutschmann <michael(_at_)talamasca(_dot_)ocis(_dot_)net>

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to http://v2.listbox.com/member/?list_id=735
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [spf-discuss] Re: TENBOX/E as an AUTH type, Frank Ellermann
Next by Date:  [spf-discuss] SPF Mail Summary Report, spf-discuss
Previous by Thread:  [spf-discuss] Re: TENBOX/E as an AUTH type, Frank Ellermann
Indexes:  [Date] [Thread] [Top] [All Lists]