Does anybody know what has become of the low-tech, no-cryptography-needed RMX DNS record entry proposal?
A google search for "rmx dns" without quotes brings up as its first hit the Internet Draft at IETF which is dated October 2003. The subsequent hits show lots of discussion about it.
You might also be interested in http://spf.pobox.com which seems to be a similar proposal that extends the MX record rather than define a new rmx record.
To bring it back to the cryptography topic of this list, the draft proposal for rmx brings up a problem with crypto solutions that I did not see mentioned here yet. I'll just quote the relevant paragraph from the Draft rather than summarize it. Note that the draft states that it specifies only non-cryptographic mechanisms but still allows use of cryptography.
[begin quote] 2.4. Shortcomings of cryptographical approaches
At a first glance, the problem of sender address forgery might appear to be solvable with cryptographic methods such as challenge response authentications or digital signatures. A deeper analysis shows that only a small, closed user group could be covered with cryptographical methods. Any method used to stop spam forgery must be suitable to detect forgery not only for a small number of particular addresses, but for all addresses on the world. An attacker does not need to know the secrets belonging to a particular address. It is sufficient to be able to forge any address and thus to know any secret key. Since there are several hundreds of millions of users, there will always be a large amount of compromised keys, thus spoiling any common cryptographic method. Furthermore, cryptography has proven to be far too complicated and error prone to be commonly administered and reliably implemented. Many e-mail and DNS administrators do not have the knowledge required to deal with cryptographic mechanisms. Many legislations do not allow the general deployment of cryptography and a directory service with public keys. For these reasons, cryptography is applicable only to a small and closed group of users, but not to all participants of the e-mail service. [end quote]
-- sidney
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
