IETF Logo Mail Archive

Re: [marf] meaning of signatures, was I-D Action: draft-ietf-marf-as-07.txt

Shmuel (Seymour J.) Metz <shmuel+mail-abuse-feedback-report@patriot.net> Mon, 13 February 2012 18:56 UTC

Return-Path: <shmuel+gen@patriot.net>
X-Original-To: marf@ietfa.amsl.com
Delivered-To: marf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F28D121F869E for <marf@ietfa.amsl.com>; Mon, 13 Feb 2012 10:56:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.273
X-Spam-Level:
X-Spam-Status: No, score=-2.273 tagged_above=-999 required=5 tests=[AWL=0.326, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vfLWIn3D6Apz for <marf@ietfa.amsl.com>; Mon, 13 Feb 2012 10:56:47 -0800 (PST)
Received: from smtp.patriot.net (smtp.patriot.net [209.249.176.77]) by ietfa.amsl.com (Postfix) with ESMTP id 0B9D821F865E for <marf@ietf.org>; Mon, 13 Feb 2012 10:56:46 -0800 (PST)
Received: from ECS60015111 (unknown [69.72.27.150]) (Authenticated sender: shmuel@patriot.net) by smtp.patriot.net (Postfix) with ESMTP id 3EC32F58093 for <marf@ietf.org>; Mon, 13 Feb 2012 13:42:03 -0500 (EST)
From: Shmuel Metz <shmuel+mail-abuse-feedback-report@patriot.net>
Date: Mon, 13 Feb 2012 13:04:57 -0500
To: marf@ietf.org
In-Reply-To: <alpine.BSF.2.00.1202121550550.27868@joyce.lan>
Mail-Copies-To: nobody
Organization: Atid/2
X-CompuServe-Customer: Yes
X-Coriate: NCAE@NewAmerica.org
X-Coriate: Mark Griffith <markgriffith@rocketmail.com>
X-Punge: Micro$oft
X-Terminate: SPA(GIS)
X-Treme: C&C,DWS
X-Mailer: MR/2 Internet Cruiser Edition for OS/2 v3.00.11.18 BETA/60
Message-Id: <20120213184204.3EC32F58093@smtp.patriot.net>
Subject: Re: [marf] meaning of signatures, was I-D Action: draft-ietf-marf-as-07.txt
X-BeenThere: marf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: Message Abuse Report Format working group <MARF@IETF.ORG>
List-Id: Message Abuse Report Format working group discussion list <marf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/marf>, <mailto:marf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/marf>
List-Post: <mailto:marf@ietf.org>
List-Help: <mailto:marf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/marf>, <mailto:marf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Feb 2012 18:56:48 -0000

In <alpine.BSF.2.00.1202121550550.27868@joyce.lan>, on 02/12/2012
   at 03:54 PM, "BANK SECURITY" <security@banqofamerika.com> said:

>Sorry, that makes no sense at all.  Every DKIM verification record is
>a TXT record containing a public key.

We seem to be talking at cross purposes. I'm not saying that DKIM or
SPF infrastructure can be used for the purpose, I'm saying that it is
possible to define and deploy a means of authenticating addresses in
the header.

>The basic fact is that there is nothing I can say to improve my
>reputation 

I'm not addressing reputation. Verifying that the sender is authorized
to use a domain name in no way implies that he is legitimate. In fact,
spammers were early adopters of SPF, as you know.

>So I can publish text records to prove that something is from me,
>but not to prove that I'm nice.

I was addressing authentication, not reputation.

-- 
     Shmuel (Seymour J.) Metz, SysProg and JOAT
     Atid/2        <http://patriot.net/~shmuel>
We don't care. We don't have to care, we're Congress.
(S877: The Shut up and Eat Your spam act of 2003)

v2.23.0 | Report a Bug | By Email