[ppml] 2007-1, was Re: mail auth proposals
Leo Bicknell
bicknell at ufp.org
Thu Apr 12 21:28:54 EDT 2007
In a message written on Thu, Apr 12, 2007 at 12:58:50AM -0700, william(at)elan.net wrote:
> Perhaps the issue is that its unclear what the goals are for deploying
> this email authentication. There can actually be two gaols:
> 1. To verify that email address sent to ARIN really came from listed
> email address
> 2. To verify that the person sending the email and using email address
> is really who he says he is
Actually, I don't think either of those are the goal.
3. To make it more difficult for a bad actor to supply fraudulent data to
ARIN that appears authentic.
Having a dead bolt on the door keeps out someone who might walk in
if there was no lock, but won't keep out someone willing to break
down the door. I think those for PGP would like to see a dead bolt
installed.
--
Leo Bicknell - bicknell at ufp.org - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/
Read TMBG List - tmbg-list-request at tmbg.org, www.tmbg.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20070412/20479eef/attachment.sig>
More information about the ARIN-PPML
mailing list