> -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf Of > Shmuel Metz > Sent: Sunday, February 12, 2012 8:11 AM > To: Message Abuse Report Format working group > Subject: Re: [marf] meaning of signatures, was I-D Action: draft-ietf- > marf-as-07.txt > > >>>I can't conceive of an Internet-based technology that can confirm > >>>intent or legitimacy of the signer/author/whatever. > >> > >>How about a public key in a TXT RR? > >OK, what's the intent and legitimacy of this message? > > How is that relevant?
Despite DKIM passing on a message for any given domain, you don't know whether or not that domain name represents the entity claimed in the message header or body. The legitimacy, therefore, cannot be established even by cryptographic means. > The only TXT RR for banqofamerika.com is the SPF > RR. What I was saying was that a technolgy was feasible whereby, e.g., > the Return-Path, the From address, was encrypted with a private key and > the public key was available in a TXT[1] RR. Doing so would also tell you nothing about the legitimacy of the content. In any case, if we were to speculate on any possible future authentication technology, this document will suffer more bloat than it already has. -MSK _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
