Re: draft-pearson-securemail-02.txt
Douglas Otis <dotis@mail-abuse.org> Tue, 06 May 2008 01:18 UTC
Return-Path: <ietf-bounces@ietf.org>
X-Original-To: ietf-archive@megatron.ietf.org
Delivered-To: ietfarch-ietf-archive@core3.amsl.com
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AD90328C2AC; Mon, 5 May 2008 18:18:01 -0700 (PDT)
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 56B1628C2AC for <ietf@core3.amsl.com>; Mon, 5 May 2008 18:18:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D8ZaYkdhiZer for <ietf@core3.amsl.com>; Mon, 5 May 2008 18:17:59 -0700 (PDT)
Received: from harry.mail-abuse.org (harry.mail-abuse.org [168.61.5.27]) by core3.amsl.com (Postfix) with ESMTP id B48C63A6DF4 for <ietf@ietf.org>; Mon, 5 May 2008 18:17:59 -0700 (PDT)
Received: from [IPv6:::1] (gateway1.sjc.mail-abuse.org [168.61.5.81]) by harry.mail-abuse.org (Postfix) with ESMTP id A7A30A9443C; Tue, 6 May 2008 01:17:58 +0000 (UTC)
Message-Id: <B811B62A-4E76-4467-83BE-88F86F0D7979@mail-abuse.org>
From: Douglas Otis <dotis@mail-abuse.org>
To: Frank Ellermann <hmdmhdfmhdjmzdtjmzdtzktdkztdjz@gmail.com>
In-Reply-To: <fviqln$ff1$1@ger.gmane.org>
Mime-Version: 1.0 (Apple Message framework v919.2)
Subject: Re: draft-pearson-securemail-02.txt
Date: Mon, 05 May 2008 18:17:58 -0700
References: <20080430061502.0345B3A6D47@core3.amsl.com> <6.2.5.6.2.20080503134704.03283f90@resistor.net> <fviqln$ff1$1@ger.gmane.org>
X-Mailer: Apple Mail (2.919.2)
Cc: ietf@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org
On May 3, 2008, at 3:44 PM, Frank Ellermann wrote: > SM wrote: > >> SenderID and SPF does not authenticate the sender. > > For starters they have different concepts of "sender", PRA and > envelope sender, and RFC 4408 section 10.4 offers references (AUTH + > SUBMIT) for folks wanting more. Agreed. Neither SenderID or SPF offers authentication. Both of these schemes provide a method for domains to _authorize_ IP addresses used by SMTP clients. This can not be described as authentication since SMTP clients are often shared by more than one domain. This scheme is fully dependent upon secure routing through questionable boundary issues. In addition to the section 10.4 references, DKIM is another possible choice. -Doug _______________________________________________ IETF mailing list IETF@ietf.org https://www.ietf.org/mailman/listinfo/ietf
- Re: draft-pearson-securemail-02.txt SM
- Re: draft-pearson-securemail-02.txt Frank Ellermann
- Re: draft-pearson-securemail-02.txt Douglas Otis