On Fri, 2007-01-26 at 18:25 -0700, Brandon Stout wrote: > Corey Edwards wrote: > > Signing just the headers would be naive. All it would tell you is that > > the headers originated from that domain. It says nothing about the > > content because you could alter, remove, or destroy the content without > > affecting the signed portion. You really have to sign the body as well. > > > > As with most things cryptographic, coming up with a new standard is > > rarely more secure or simpler than sticking with the tried and true. > > Domain Keys may be a relative newbie on the block, but it does have wide > > exposure and in theory should be more robust because of it. > > > > Corey > > I wonder if the Yahoo patent might slow potential growth, or if Yahoo > has opened it up so others can use it freely...
It's available under two license, either GPL or a Yahoo patent license agreement. The former of course is quite free, and the latter really doesn't seem bad. It would take a lot of effort to create a patent license as horrible as Microsoft did for Sender ID. Corey /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
