[hashcash] Re: Microsoft apparently scuppers their own standards

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On Fri, 27 Aug 2004, Hal Finney wrote:

DomainKeys is completely different and involves cryptographic signatures.
I don't know much about it.
=============

http://antispam.yahoo.com/domainkeys

domain-keys is a public-key system at the mail server level. it really doesn't accomplish anything that SPF can't do, but it's more complicated. domain-keys also seems vulnerable to a replay attack. SPF seems simpler, more robust and less vulnerable to attack and abuse (IMHO).

SPF is intended to curb forging of envelope-from; domain-keys is intended to curb forging of the message "From". i haven't given much thought to extending domain-keys to cover both types of "from", but i have thought of ways to extend it into SPF.


...atom

 _________________________________________
 PGP key - http://atom.smasher.org/pgp.txt
 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
 -------------------------------------------------

        "Whenever people say 'We mustn't be sentimental',
         you can take it they are about to do something cruel.
         And if they add 'We must be realistic',
         they mean they are going to make money out of it."
                -- Brigid Brophy
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.6 (FreeBSD)
Comment: What is this gibberish?
Comment: http://atom.smasher.org/links/#digital_signatures

iQEcBAEBCAAGBQJBL/0pAAoJEAx/d+cTpVcilskH/17VEwMyc0uF0sUthONd/7jJ
ierQfuBdnOFoO2UkVb/X9VKTuCB5qwLXjy5HlWPAPF3Yggt6iH0E9bmNkGOpMUhR
gweClpEHGbTaR4lllJ5BA9ajA2g5COp5/m16FtiBq7aXUMkeDgywdGosDPgMhVm1
IK9tiZmW7gokX+Ymyiuchnu6M4yAmVUtr7cQmfRrB++bbulPBH9d6GrWgO5VvfPa
wTS5D2sA7FVDqMVGNl4SGvU7Z7q1Sa/JDt1Txyv87E7qZH2IG8B59iE3vh+UvAUQ
nFMoi4s0o2W05zVV7yOpvcT4qEat9O9b+DNsvdCnkiGbT2Xig+Bj5zcr/WceMvg=
=hFHm
-----END PGP SIGNATURE-----

Other related posts: