Re: sender vs author, channel vs object, designated sender vs crypto signatures



On Thu, Mar 18, 2004 at 10:50:20AM -0500, Meng Weng Wong wrote:
| 
| OK, let me rephrase.
| 
| I believe that the solution domain of designated sender schemes matches
| the problem domain of RFC2821 MAIL FROM authentication, and that the
| solution domain of cryptographic signatures matches the problem domain of
| RFC2822 header From: authentication.

OK, let me rephrase again.

1) I believe that it is important to protect the RFC2821 MAIL FROM from
   illegitimate spoofing, independent of the RFC2822 header From:.

2) I believe that the most appropriate way to do so is with a designated
   sender scheme.

3) I believe that it is also important to protect the RFC2822 header From:
   from illegitimate spoofing, independent of the RFC2821 MAIL FROM.

4) I believe that the most appropriate way to do so is with a cryptographic
   signature system.

5) By "appropriate", I mean "engineering tradeoffs that require the
   least amount of total work to preserve existing desired functionality
   and inhibit undesired illegitimate spoofing."  I assume that some of
   this work may have to be done by operators of newsletters, forwarder
   services, senders of web-generated email, etc.