On Sat, 6 Dec 2003, Will Rodger wrote: > Steve Bellovin wrote: > >http://edition.cnn.com/2003/TECH/internet/12/05/spam.yahoo.reut/ > > > Does anyone have details? How much overhead would this entail? >
To avoid replay attacks one needs to sign a string that is tied to a specific message or time period and is invariant under forwarding through various relays and gateways. The header and envelope sender and recipients are often subject to rewriting, the Message-Id can be cloned. What exactly would they have the sender domain sign. I am skeptical that such a proposal can acquire any traction. Also curious to see the details... -- Viktor. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]