[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Asrg] RMX provides auth for one-hop only (Re: privacy is a feature)

To: Hadmut Danisch <hadmut@danisch.de>
Subject: [Asrg] RMX provides auth for one-hop only (Re: privacy is a feature)
From: Adam Back <adam@cypherspace.org>
Date: Thu, 6 Mar 2003 19:39:37 +0000
Cc: Chris Lewis <clewis@nortelnetworks.com>, Asrg@ietf.org, Adam Back <adam@cypherspace.org>
In-reply-to: <20030306165805.GA12473@danisch.de>; from hadmut@danisch.de on Thu, Mar 06, 2003 at 05:58:05PM +0100
List-archive: <https://www1.ietf.org/pipermail/asrg/>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=unsubscribe>
References: <20030305173026.2cc1f628.moore@cs.utk.edu> <20030305224734.GD16824@danisch.de> <20030305180647.232f86b8.moore@cs.utk.edu> <20030305231539.GC17368@danisch.de> <20030306002417.A4477766@exeter.ac.uk> <20030306090540.GB2340@danisch.de> <20030306084606.2a1e2702.moore@cs.utk.edu> <20030306141442.GA8957@danisch.de> <3E67703D.6040208@americasm01.nt.com> <20030306165805.GA12473@danisch.de>
Sender: asrg-admin@ietf.org
User-agent: Mutt/1.2.2i

Nodes in the received path can lie with RMX or UUCP, I think this is
the point.  Ergo RMX only provides authentication when there is one
hop.

Adam

On Thu, Mar 06, 2003 at 05:58:05PM +0100, Hadmut Danisch wrote:
> On Thu, Mar 06, 2003 at 10:58:53AM -0500, Chris Lewis wrote:
> 
> > And there's the rub.  Anyone anywhere along the path could have forged 
> > everything previous to them.  Not much different than the issues with 
> > SMTP.
> 
> 
> No. Since every node personally knew it's neighbours, you could 
> backtrack the path until you found the node which forged. 
> 
> Today, you also can backtrack, but it's useless, since SMTP nodes
> don't know their neighbours. How does it help you if you have 
> a Received: header that reliably says that the e-mail came from some
> dynamically assigned IP address in some country in far east, 
> no chance to figure out who used it?
> 
> In contrast, every UUCP node knew who it was sharing passwords with.
> 
> Hadmut
> 
> 
> 
> _______________________________________________
> Asrg mailing list
> Asrg@ietf.org
> https://www1.ietf.org/mailman/listinfo/asrg
_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

Follow-Ups:
- Re: [Asrg] RMX provides auth for one-hop only (Re: privacy is a feature)
  - From: wayne
- [Asrg] Re: RMX provides auth for one-hop only (Re: privacy is a feature)
  - From: Chris Lewis

References:
- Re: privacy is a feature (Re: [Asrg] desirable characteristics ofsource tracking)
  - From: Keith Moore
- Re: privacy is a feature (Re: [Asrg] desirable characteristics of source tracking)
  - From: Hadmut Danisch
- Re: privacy is a feature (Re: [Asrg] desirable characteristics ofsource tracking)
  - From: Keith Moore
- Re: privacy is a feature (Re: [Asrg] desirable characteristics of source tracking)
  - From: Hadmut Danisch
- Re: privacy is a feature (Re: [Asrg] desirable characteristics of source tracking)
  - From: Adam Back
- Re: privacy is a feature (Re: [Asrg] desirable characteristics of source tracking)
  - From: Hadmut Danisch
- Re: privacy is a feature (Re: [Asrg] desirable characteristics ofsource tracking)
  - From: Keith Moore
- Re: privacy is a feature (Re: [Asrg] desirable characteristics of source tracking)
  - From: Hadmut Danisch
- Re: privacy is a feature (Re: [Asrg] desirable characteristics ofsource tracking)
  - From: Chris Lewis
- Re: privacy is a feature (Re: [Asrg] desirable characteristics of source tracking)
  - From: Hadmut Danisch

Prev by Date: [Asrg] Problems that make the RMX proposal infeasible
Next by Date: Re: [Asrg] Do we need to do anything?
Previous by thread: Re: privacy is a feature (Re: [Asrg] desirable characteristics of source tracking)
Next by thread: [Asrg] Re: RMX provides auth for one-hop only (Re: privacy is a feature)
Index(es):
- Date
- Thread