Dennis Gearon wrote:
david nicol wrote:I suggested both body and specific headers be hashed. And only 32 bytes from the body to save processor time. Someone gave some good, valid reasons why the CRI/hash idea has problems, but I think they would not be too hard to overcome. Mostly, it was:On Thu, 2003-09-25 at 19:32, Dennis Gearon wrote:Yakov Shafranovich wrote:Actually, my idea, I believe, takes care of most of the problems with the Level 2 CRI system. I will think about it for awhile.Fourth, take a look at the CRI proposal: http://www.ietf.org/internet-drafts/draft-irtf-asrg-cri-00.txt
When is CRI 01 due? Who is maintaining it (I nominate Eric Dean)?
It has been pointed out that body hashing would make CRI level-2
work, and this was AIUI generally agreed-to. Yet a revised CRI
document has not yet appeared.
A/ The need to keep records of what is sent.
B/ The additional changes to SMTP required
(Anyone really believe that SMTP will forever be extendible and not have to be replaced someday?)
C/ Messages can't be stopped before they leave, only when they arrive.
Well, I am too tired and not well enough versed to coment on A and B. However, regarding CI think that the whole SPAM problem has to be solved in a two part solution anyway:
A/ Develop a way to know who is sending what, and receivers can decide to accept or not mail that is not certified to be from who it says it is from.
Also take a look at: http://www.elan.net/~william/asrg-emailpathverification-presentation.pdf
B/ Implement blocking on the send or receive sides, using lists, or authority, or validation, etc.
Take a look at: http://www.solidmatrix.com/research/asrg/asrg-consent-framework.html
My proposal, and CRI/hash in general only addresses A. I leave B to more knowledgable people.
_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg
_______________________________________________ Asrg mailing list Asrg@ietf.org https://www1.ietf.org/mailman/listinfo/asrg