At 12:20 PM -0500 12/6/03, chris imposed structure on a stream of electrons, yielding:
What do you think of Yahoo's public/private key proposal using the DNS
and a new header:

http://story.news.yahoo.com/news?tmpl=story&cid=569&e=12&u=/nm/tech_yahoo_dc

It makes me realize that any implementation will be disruptive in some
ways but I guess it's the price we might have to pay to really slow down
the spammers.

Is Yahoo working on this with/through the Internet Engineering Task Force (or whatever it's called) to work up an RFC? Or are they trying to get it up and running with a few big users on board so as to force it to become a de facto standard in a Microsoftian kind of maneuver?

What bothers me is the 2nd paragraph of the report:


 Yahoo said its "Domain Keys" software, which it hopes to launch in 2004,
will be made available freely to the developers of the Web's major
open-source e-mail software and systems.

If you read between the lines, what they are saying is they will give the thing away to the big guys, hoping they will incorporate it, so that they can then turn around and charge everyone else to access the same technology that they will not be forced to be compliant with or risk being knocked out of the market.

To me that is just someone else interested in making money off the
problem, and not really interested in stopping the flow.

That's not really feasible, even though it reads that way. For their technique to be incorporated in Sendmail or Postfix (the 2 most widely used open-source MTAs) it really needs to be released under something much like the BSD license. If they have any intention of exacting a toll of any sort on using domain keys for signing mail, they will have near-zero adoption.


From what I have been able to glean from people who seem to have seen more detail than the press release, this really is as simple as it sounds: a public key in DNS and a signature of the message (probably including key headers) in a header, making it so that all mail using this method would need to funnel through a mail server operated by the domain owner of the return path domain.

There are a lot of issues with this. I tend to not mind losing the things this (or any other reasonable sender authentication) would make unworkable, but it is not without cost.


-- Bill Cole [EMAIL PROTECTED]
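
The mechanism outlined in the message above (a public key published in DNS, a signature over the body and key headers carried in a header), as an added sketch that is not part of the original post and not Yahoo's software. The header name `X-Domain-Signature`, the choice of signed headers, the dict standing in for DNS, and the toy RSA key (standing in for a real signature library) are all assumptions.

```python
import hashlib

# Toy RSA key from two Mersenne primes: illustration only, far too small for real use.
P, Q, E = 2**127 - 1, 2**107 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent, held only by the domain's own server

DNS = {"example.com": (N, E)}         # constructed stand-in for a key published in DNS
SIGNED_HEADERS = ("From", "Subject")  # assumed set of "key headers"
SIG_HEADER = "X-Domain-Signature"     # hypothetical header name

def digest(msg, n):
    """Hash the signed headers and the body, reduced to fit the toy modulus."""
    h = hashlib.sha256()
    for name in SIGNED_HEADERS:
        h.update(f"{name}:{msg['headers'].get(name, '')}\n".encode())
    h.update(msg["body"].encode())
    return int.from_bytes(h.digest(), "big") % n

def sign(msg, n, d):
    """Outbound step: only a server holding the private key can add the header."""
    sig = format(pow(digest(msg, n), d, n), "x")
    return {**msg, "headers": {**msg["headers"], SIG_HEADER: sig}}

def verify(msg):
    """Inbound step: look up the return-path domain's key and check the header."""
    domain = msg["return_path"].rsplit("@", 1)[-1].lower()
    key = DNS.get(domain)
    if key is None:
        return False, "no key published"
    sig = msg["headers"].get(SIG_HEADER)
    if sig is None:
        return False, "unsigned"
    n, e = key
    try:
        value = int(sig, 16)
    except ValueError:
        return False, "malformed signature"
    if pow(value, e, n) != digest(msg, n):
        return False, "bad signature"
    return True, "ok"

# Constructed sample message.
SAMPLE = {"return_path": "alice@example.com",
          "headers": {"From": "alice@example.com", "Subject": "hello"},
          "body": "Lunch at noon?\n"}

if __name__ == "__main__":
    print(verify(sign(SAMPLE, N, D)))  # sent through the domain owner's server
    print(verify(SAMPLE))              # same return path, relayed elsewhere
```

The second call shows the cost mentioned in the message: mail that carries the domain in its return path but did not pass through a server holding the domain's private key cannot be verified.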

