Simon Waters wrote: > Authentication is likely to be more hassle to people that a C/R system. > > The idea that you authenticate once is only any good if you trust the > authenticating body, so you might as well revert to the method described > above with the TXT records if there is a proliferation of such > authenticators.
Well, yes, that was the point when I said "The issue of what kind of certificate to accept is very important." There are standards for root CAs, at least. See http://www.webtrust.org/certauth.htm By themselves, the TXT records (or RMX records) don't mean much since the DNS system is as wide open as the distribution of IP addresses. In combination with some kind of trusted third party authentication, it could be useful. The question is what kind of system would people on this list want in order for challenge-response to be bypassed. I would have no problem accepting mail from a BondedSender system, and I doubt other would. My worry is that particular system is too expensive to be widespread. What should the minimum requirements be? Ken Hirsch _____________________________________________ tmda-users mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-users
