On Tue, 17 Feb 2004, Alex Bligh wrote:
they in turn chose to trust. Take BGP (by which I mean eBGP) as the case in point: [...] The trust relationship is important, [...]. BGP allows me (in commonly deployed form) to run a relatively secure protocol between peers, and deploy (almost) universal end-to-end connectivity for IP packets in a manner that does not necessarily involve end users in needing to know anything about it bar "if the routing doesn't work, I move providers";
Right but: - The world of BGP peers is a rarified one, there are, what, <20k ASes out there? Nearly all are medium sized enterprises, institutions or organisations or bigger. - With BGP's peer-to-peer trust relationships, prefixes get hijacked, rogue ASes collude with spammers. So, despite the small number of players, it still doesnt work, and people are working on adding stronger forms of verification of announcements to to BGP. And you want to try scale this to the millions and millions of SMTP hosts? :)
Alex
regards, -- Paul Jakma paul@clubi.ie paul@jakma.org Key ID: 64A2FF6A warning: do not ever send email to spam@dishone.st Fortune: "You shouldn't make my toaster angry." -- Household security explained in "Johnny Quest"