[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Asrg] 6. Proposals - Sender Authentication - DNS + PKI
On Sat, Nov 22, 2003 at 07:09:31PM -0500, Yakov Shafranovich wrote
> http://www.internetwk.com/breakingNews/showArticle.jhtml?articleID=16400308
> "Under the proposal, ISPs and any other organization with their
> own domain name system (DNS) would use a private key in their mail
> servers to place an encrypted code in the header of each piece
> of outgoing mail. When the mail arrived at its destination, the
> receiving mail server would get the sender's public key from its
> DNS server to decrypt the header, thus verifying the message's origin.
Why do they need an encrypted header ? Wouldn't a list of valid
sending domains or IP addresses be sufficient ?
Another worry is compromised home machines. A trojan can call the
Windows API and run the dialup-and-send-email processes. For all
intents and purposes, the end-user might be sitting at the keyboard.
There is no for the ISP way to tell.
--
Walter Dnes <waltdnes@waltdnes.org>
Email users are divided into two classes;
1) Those who have effective spam-blocking
2) Those who wish they did
_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg