Rand Wacker wrote:
I agree with some of the things you say, Michael:
The MARID charter is "authenticate mail transfer".
Interesting, I went back to read the charter and noticed that MARID has no binding to do IP-based authentication (although it could be read that way). Maybe we *should* just go straight to a crypto-based solution. That would seem to get around a lot of the disagreement currently on the list.
Well, I think the IETF should tackle crypto-based solutions after we have the IP-based authentication standard well on its way. MARID's charter might allow this.
IP-based authentication on MTAs has been seen as the first step because it has a smaller deployment and a smaller performance cost than the crypto-based solutions. And, surprisingly robust authentication can be done with IP-based authentication, if the 2821 HELO and/or MAIL FROM are used.
Crypto-based solutions can be applied later (after the IP-based authentication), because they have a larger deployment (modification to message re-writers like mailing lists, and normally also modifications to MUAs) and a much larger performance cost.