John C Klensin wrote:
But, in fairness to the proposal, the general idea has one advantage. If one is concerned about source / originator identity and authentication, having to make a real-time direct connection back to the sender's repository permits thinking about much stronger methods than, e.g., header signatures.
I'm pretty sure it permits nothing stronger at all. So I need you to provide some detail. I'll also note that a mechanism with this much cost -- especially at the infastructure -- needs a proof-positive guarantee that it will provide benefits, and not just that it makes benefits possible. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net
