[hashcash] Re: Microsoft apparently scuppers their own standards
- From: Atom 'Smasher' <atom@xxxxxxxxxxxxxx>
- To: hashcash@xxxxxxxxxxxxx
- Date: Fri, 27 Aug 2004 23:33:55 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Fri, 27 Aug 2004, Hal Finney wrote:
DomainKeys is completely different and involves cryptographic signatures.
I don't know much about it.
=============
http://antispam.yahoo.com/domainkeys
domain-keys is a public-key system at the mail server level. it really
doesn't accomplish anything that SPF can't do, but it's more complicated.
domain-keys also seems vulnerable to a replay attack. SPF seems simpler,
more robust and less vulnerable to attack and abuse (IMHO).
SPF is intended to curb forging of envelope-from; domain-keys is intended
to curb forging of the message "From". i haven't given much thought to
extending domain-keys to cover both types of "from", but i have thought of
ways to extend it into SPF.
...atom
_________________________________________
PGP key - http://atom.smasher.org/pgp.txt
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
-------------------------------------------------
"Whenever people say 'We mustn't be sentimental',
you can take it they are about to do something cruel.
And if they add 'We must be realistic',
they mean they are going to make money out of it."
-- Brigid Brophy
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.6 (FreeBSD)
Comment: What is this gibberish?
Comment: http://atom.smasher.org/links/#digital_signatures
iQEcBAEBCAAGBQJBL/0pAAoJEAx/d+cTpVcilskH/17VEwMyc0uF0sUthONd/7jJ
ierQfuBdnOFoO2UkVb/X9VKTuCB5qwLXjy5HlWPAPF3Yggt6iH0E9bmNkGOpMUhR
gweClpEHGbTaR4lllJ5BA9ajA2g5COp5/m16FtiBq7aXUMkeDgywdGosDPgMhVm1
IK9tiZmW7gokX+Ymyiuchnu6M4yAmVUtr7cQmfRrB++bbulPBH9d6GrWgO5VvfPa
wTS5D2sA7FVDqMVGNl4SGvU7Z7q1Sa/JDt1Txyv87E7qZH2IG8B59iE3vh+UvAUQ
nFMoi4s0o2W05zVV7yOpvcT4qEat9O9b+DNsvdCnkiGbT2Xig+Bj5zcr/WceMvg=
=hFHm
-----END PGP SIGNATURE-----
Other related posts:
