-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ken Hirsch wrote: > > 3) could reduce the challenge-to-forged-from-address problem (*).
This is similar to the approach of putting the IP addresses of valid sending machines in the TXT records for a domain. It has similar drawbacks. > I think that it is possible that challenge-response systems could act as a > bridge between unauthenticated SMTP systems (currently all), and the brave, > new world of authenticated email. The fact that people find > challenge-response systems slighlty annoying, and some people (I won't name > names) find them very annoying, could actually act as a stimulus to people > going through the hassle and expense of authenticating. Authentication is likely to be more hassle to people that a C/R system. The idea that you authenticate once is only any good if you trust the authenticating body, so you might as well revert to the method described above with the TXT records if there is a proliferation of such authenticators. I'm pretty happy to whitelist addresses on a wide range of criteria, however I think global whitelists, or authentication scheme will be difficult to establish, as the cost falls on those signed up, who initially get very little benefit. I think the web of trust offers scope for assumed whitelisting.... so if I trust you, you could sign a company key used to sign invoices, or automated emails. -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/dL85GFXfHI9FVgYRAp/dAJoChxzasaYFN6zgrD5Bfka+JIlpsgCgnV9P HyqrtHqdlGarR+dMK01i1Hs= =g2/B -----END PGP SIGNATURE----- _____________________________________________ tmda-users mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-users
