[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: a header authentication scheme
On Thu October 21 2004 22:34, Laird Breyer wrote:
> In another post, I mentioned possibly extending the RFC 2822 date-time stamp
> to include microseconds.
1. date-time is pervasive; it is used in many places in addition to
time stamp lines
2. while providing seconds was once mandatory (RFC 821), it is
now optional (RFCs 2821/2822). So you might not even have
seconds. You seem to want to buck the trend.
> > 2. Quoting the "with" ID may provide protection, depending on whether
> > the ID is guessable.
> Yes. From the RFC, this is optional. Do you know any good reasons why the ID
> might not be added to a Received line sometimes?
Umm, because it is optional. Past implementations have associated
the identifier with a set of files used in store-and-forward
processing. In some cases, messages might be handled w/o
any associated file storage, therefore no need for an id.
There also appears to be some confusion between "with"
(which specifies a protocol (SMTP, ESMTP, LMTP, etc.) and
"id" which provides an identifier of some sort (RFCs
821/822/2821/2822 all differ on what is allowed).