IETF Logo Mail Archive

Re: I-D Action:draft-hathcock-minger-05.txt

"Frank Ellermann" <nobody@xyzzy.claranet.de> Wed, 09 July 2008 21:10 UTC

Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id m69LAEp7002152 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 9 Jul 2008 14:10:14 -0700 (MST) (envelope-from owner-ietf-smtp@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.14.2/8.13.5/Submit) id m69LAEYf002151; Wed, 9 Jul 2008 14:10:14 -0700 (MST) (envelope-from owner-ietf-smtp@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smtp@mail.imc.org using -f
Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id m69LAAGJ002135 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NO) for <ietf-smtp@imc.org>; Wed, 9 Jul 2008 14:10:12 -0700 (MST) (envelope-from gis-ietf-smtp-979@gmane.org)
Received: from list by ciao.gmane.org with local (Exim 4.43) id 1KGgvP-00020U-OU for ietf-smtp@imc.org; Wed, 09 Jul 2008 21:10:07 +0000
Received: from hmbg-d9b88e14.pool.mediaways.net ([217.184.142.20]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for <ietf-smtp@imc.org>; Wed, 09 Jul 2008 21:10:07 +0000
Received: from nobody by hmbg-d9b88e14.pool.mediaways.net with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for <ietf-smtp@imc.org>; Wed, 09 Jul 2008 21:10:07 +0000
X-Injected-Via-Gmane: http://gmane.org/
To: ietf-smtp@imc.org
From: Frank Ellermann <nobody@xyzzy.claranet.de>
Subject: Re: I-D Action:draft-hathcock-minger-05.txt
Date: Wed, 09 Jul 2008 23:10:33 +0200
Organization: <http://purl.net/xyzzy>
Lines: 23
Message-ID: <g539f4$rfg$1@ger.gmane.org>
References: <20080709201501.CF6E73A6B57@core3.amsl.com>
Reply-To: Frank Ellermann <hmdmhdfmhdjmzdtjmzdtzktdkztdjz@gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Complaints-To: usenet@ger.gmane.org
X-Gmane-NNTP-Posting-Host: hmbg-d9b88e14.pool.mediaways.net
X-Newsreader: Microsoft Outlook Express 6.00.2800.1914
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1914
Sender: owner-ietf-smtp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smtp/mail-archive/>
List-ID: <ietf-smtp.imc.org>
List-Unsubscribe: <mailto:ietf-smtp-request@imc.org?body=unsubscribe>

> Title           : The Minger Email Address Verification Protocol
> Author(s)       : A. Hathcock, J. Merkel
> Filename        : draft-hathcock-minger-05.txt

Great.  But a fresh date oddity, expired before publication :-)

Some observations minus the few simple nits reported by IDnits:

s/are therefore often decide/therefore often decide/ (to accept)
or maybe "are therefore often forced to accept". 

Status codes 0..5:  Intuitively I'd expect "0" to be "okay".

Digest = MD5( secret ":" mailbox ) could attract the attention
of security folks, how about using HMAC(x, y) instead of MD5 ?

Anonymous mode, is that MD5( ":" mailbox ) or MD5( mailbox ) ?

Security:  The secret is defined to be 1*50(VCHAR), maybe say
at least 16 VCHARs instead of 128 bits.  MD5 could handle bit
strings if you'd want this, but you want ordinary VCHAR bytes.

 Frank

v2.23.0 | Report a Bug | By Email