[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] C/R Framework

To: "Yakov Shafranovich" <research@solidmatrix.com>
Subject: Re: [Asrg] C/R Framework
From: "Jon Kyme" <jrk@merseymail.com>
Date: Thu, 15 May 2003 17:05:57 +0100
Cc: "ASRG" <asrg@ietf.org>
In-reply-to: <5.2.0.9.2.20030515115340.00bafae8@std5.imagineis.com>
List-archive: <https://www1.ietf.org/pipermail/asrg/>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=unsubscribe>
Sender: asrg-admin@ietf.org

> problem too. As I mentioned before, perhaps we should not store plain
> email
> addresses - but some form of checksum or something. Even though that is 
> susceptible to dictionary attacks, the attacker must know what he is 
> looking for. This will at least protect against people snooping at
> messages.
> 


I don't think it's necc. to specify what steps an implementer needs to take
to protect/hide the data - just an recommendation that they should take
steps is probably enough. Maybe?






--
_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

Follow-Ups:
- Re: [Asrg] C/R Framework
  - From: Yakov Shafranovich

References:
- Re: [Asrg] C/R Framework
  - From: Yakov Shafranovich

Prev by Date: RE: [Asrg] C/R Framework
Next by Date: Re: [Asrg] RE: C/R Framework
Previous by thread: Re: [Asrg] C/R Framework
Next by thread: Re: [Asrg] C/R Framework
Index(es):
- Date
- Thread