Just to be clear: that was SMTP.  The calculus can be different for
other protocols, depending on their end-to-end nature.  SMTP is very hop
by hop and it is very difficult to secure an entire path with confidence
due to downgrade attack threats.  HTTPS would be a horse of a different
color.

On 6/9/14, 10:10 PM, Brian E Carpenter wrote:
> On 10/06/2014 04:43, Ted Lemon wrote:
>> On Jun 9, 2014, at 12:32 PM, Eliot Lear <l...@cisco.com> wrote:
>>> But does adding a header solve the problem?  Not unless it is signed AND I 
>>> believe the signature.  And then I had better be willing to spend the 
>>> processing time to sort out your good customers from your bad customers.  I 
>>> might do that if you're at a very big mail service provider, in which case 
>>> I probably get very little spam, anyway.  I probably won't do that if 
>>> you're Joe's small time ISP, unless there is some scaling feature not yet 
>>> deployed today.
>> Bingo.
> So, there are some more components of the threat analysis and the solution
> requirements. That's good, but I thought we were discussing whether
> to document the use cases.
>
>    Brian
>
>

_______________________________________________
Int-area mailing list
Int-area@ietf.org
https://www.ietf.org/mailman/listinfo/int-area
