Re: IETF SMTP Working Group Proposal at smtpng.org

The problem with SSL is it doesn't include certificate chain to arbitrary authorities. However, there's a space for web of trust in SSL, I believe, so yeah, a new version of SSL might be just the ticket.

On 8/22/2002 at 00:02:24 +0300, Petri Helenius said:

Let's not forget that you need an SSL cert for every server with a different host name, and you need to go through companies like Verisign to get them. (Yes, there are lesser evils, I know.) But using SSL certs could be more expensive than just registering your company, netblock or whatever with a management account.

--
Robert Blayzor, BOFH
INOC, LLC
rblayzor@inoc.net

Exclusive: We're the only ones who have the documentation.

i won't glock up this already busy list with a full copy of the proposal, but before y'all go off and invent something, here's some prior art that's been resoundingly pooh-pooh'd by the smtp community.

http://www.vix.com/~vixie/mailfrom.txt

Abstract

At the time of this writing, more than half of all e-mail received by the author has a forged return address, due to the total absence of address authentication in SMTP (see [RFC2821]). We present a simple and backward compatible method whereby cooperating e-mail senders and receivers can detect forged source/return addresses in e-mail.

--
Paul Vixie

At 12:56 AM +0000 2002/08/22, Paul Vixie wrote:
Yeah, the problem is that this breaks mailing lists, just like other proposals. Otherwise, it would seem to be a nice concept.

--
Brad Knowles, <brad.knowles@skynet.be>

"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."
-Benjamin Franklin, Historical Review of Pennsylvania.

GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E W+++(--) N+ !w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++) tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)

participants (4)
- Brad Knowles
- Dave Israel
- Paul Vixie
- Robert Blayzor