Re: Benefits/costs of authorizing different identities

[Dave Crocker <dhc@xxxxxxxxxxxx>]

Jon,


>> >> More generally, SMTP is a point-to-point protocol.  Any attempt to
>> >> assign a level of trustworthiness to an MTA requires a chain-of-trust
>> >> model back to the originator.
>> JK> I don't really want to get involved in a *trust* argument, but this
>> is
>> JK> patently untrue. This end might be achieved out-of-band.
>> 
>> This entire effort is about development of a trust mechanism, so it
>> will be rather crippling to avoid discussing the topic. "This end
>> might be achieved out-of-band."
>>

JK> No, I was only challenging your assertion that a "chain of trust" is the
JK> *only* possible model.

a mechanism that is based on smtp is a channel mechanism.  a mechanism
that has an arbitrary smtp server needing to trust information
provided from the origin is, by definition, a chain of trust model.


 
>> Also, I do not understand what you mean by

did I miss your clarification of that sentence?


>> JK> "focus" on this to the exclusion of anything else.
>> This goes into the issue I raised about the dangers of not focusing.

JK> No. I meant that focussing on HELO only, to the exclusion of anything else,
JK> would be bad. I gather that this isn't your position (any longer)?

the charter calls for making some focusing decisions.  good project
management for dealing with complex problems in a timely fashion also
call for making focusing decisions.



d/
--
 Dave Crocker <mailto:dcrocker@xxxxxxxxxxxxxxx>
 Brandenburg InternetWorking <http://www.brandenburg.com>
 Sunnyvale, CA  USA <tel:+1.408.246.8253>, <fax:+1.866.358.5301>