[lemonade] Re: Comments on draft-ietf-lemonade-urlauth-07.txt

Randall Gellens <randy@qualcomm.com> Tue, 09 August 2005 23:36 UTC

Date: Tue, 09 Aug 2005 16:36:02 -0700
To: Mark Crispin <MRC@CAC.Washington.EDU>
From: Randall Gellens <randy@qualcomm.com>
Cc: Lemonade <lemonade@ietf.org>, iesg@ietf.org
Subject: [lemonade] Re: Comments on draft-ietf-lemonade-urlauth-07.txt

At 3:22 PM -0700 8/9/05, Mark Crispin wrote:

> On Tue, 9 Aug 2005, Randall Gellens wrote:
>> Likely I'm the one confused, but if user B captures a urlauth URL
>> for user A, and shares the same servers, then B can submit a new
>> message using the same urlauth URL, right?
>
> No; because the submit server is supposed to validate that the
> userid in a submit+<userid> is the userid used to log into the
> submit server.  Since user B can't log in as user A to the submit
> server, that loophole is closed.

Indeed.  I missed this.  Thanks.

-- 
Randall Gellens
Opinions are personal;    facts are suspect;    I speak for myself only
-------------- Randomly-selected tag: ---------------
farpotshket (far-POTCH-ket; Yiddish; noun): something that is all
fouled up, especially as the result of an attempt to fix it.
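
The check Mark Crispin describes above, sketched as an added example that is not part of the original message or of the draft: the submit server compares the userid in the URL's submit+<userid> access identifier with the userid of the logged-in session. The function names, the sample URL and the assumed ";urlauth=<access>:<mechanism>:<token>" layout are illustrative assumptions; verifying the token itself is out of scope here.

```python
import re
from urllib.parse import unquote

# Assumed layout of the URL tail: ";urlauth=<access>:<mechanism>:<token>".
_URLAUTH_TAIL = re.compile(r";urlauth=([^:;]+):([^:;]+):([0-9a-f]+)$",
                           re.IGNORECASE)


def access_identifier(url):
    """Return the <access> part of a urlauth URL, or None if it has none."""
    match = _URLAUTH_TAIL.search(url)
    return match.group(1) if match else None


def submit_server_accepts(url, session_userid):
    """Hypothetical submit-server gate: accept the URL only when its
    access identifier is submit+<userid> and <userid> is the userid
    that authenticated this submission session."""
    access = access_identifier(url)
    if access is None:
        return False  # not a urlauth-authorized URL at all
    prefix, sep, encoded_userid = access.partition("+")
    if sep != "+" or prefix.lower() != "submit" or not encoded_userid:
        return False  # some other access identifier, or no userid
    # The userid may be percent-encoded inside the URL; compare the decoded
    # value exactly, so "userA" never matches "userAB" or "userB".
    return unquote(encoded_userid) == session_userid


# Constructed sample: a URL issued for user A, then captured by user B.
CAPTURED_URL = ("imap://userA@mail.example.com/Drafts/;uid=42"
                ";urlauth=submit+userA:internal:"
                "0123456789abcdef0123456789abcdef")

if __name__ == "__main__":
    for who in ("userA", "userB"):
        verdict = "accepted" if submit_server_accepts(CAPTURED_URL, who) else "refused"
        print(f"session {who}: {verdict}")
```
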