I've been thinking about cryptographic signing of messages at the mail
transfer agent level. I can think of how to do it, but I'm not sure
what problem it solves. :) Anyone have any ideas?
[I remember that someone in Australia built some experimental patches
to do this for sendmail some time back. RFC2487 proposes a more
standard way to do this, using TLS for the encryption. One may argue
that the mechanism ultimately does not protect end to end message
integrity, but it most certainly *does* monkeywrench vacuum-cleaner
style mass tapping, and as such is possibly a very good thing even if
it provides no authentication at all...
It would be nice to open some discussion of this. --Perry]
--
-russ nelson <[EMAIL PROTECTED]> http://russnelson.com
Crynwr sells support for free software | PGPok | Government schools are so
521 Pleasant Valley Rd. | +1 315 268 1925 voice | bad that any rank amateur
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | can outdo them. Homeschool!
