[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: MLM subaddress requirement

To: ietf-822@xxxxxxx
Subject: Re: MLM subaddress requirement
From: "D. J. Bernstein" <djb@xxxxxxxxxxxxxxxxxxxx>
Date: 7 Aug 1997 18:26:20 -0000
Sender: owner-ietf-822@xxxxxxx

> It's not reasonable to use *any* return-path or header that's visible,
> as a password to access sensitive information.  

People protect this mechanism with strong authentication---e.g., PGP.

> There's nothing wrong with refining that heuristic to allow posting
> from xxx@xxxxxxx if the subscriber address is xxx+foo@xxxxxxxx

It breaks existing PGP-protected mailing lists, turning good security
into nonexistent security.

---Dan
Set up a new mailing list in a single command. http://pobox.com/~djb/ezmlm.html

Prev by Date: Re: MLM subaddress requirement
Next by Date: failure to address objections
Previous by thread: extensions to local parts of mail addresses
Next by thread: failure to address objections
Index(es):
- Date
- Thread