[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Authentication and email

To: Paul Hoffman / IMC <phoffman@imc.org>
Subject: Re: Authentication and email
From: Eric Rescorla <ekr@rtfm.com>
Date: 31 Jan 2003 09:33:56 -0800
Cc: wgchairs@ietf.org
In-reply-to: <p05210219ba5e0c696c00@[165.227.249.18]>
References: <3E354398.BF1D5575@lmf.ericsson.se><611987020.1043699189@localhost> <3E3674FA.202781D7@lmf.ericsson.se><674756478.1043761959@localhost> <3E369EAE.80761DAC@lmf.ericsson.se><p05210219ba5e0c696c00@[165.227.249.18]>
User-agent: Gnus/5.0808 (Gnus v5.8.8) XEmacs/21.1 (Cuyahoga Valley)

Paul Hoffman / IMC <phoffman@imc.org> writes:
> At 5:15 PM +0200 1/28/03, Gonzalo Camarillo wrote:
> >And after giving them those speeches, we come back "home" to the IETF
> >and say that email security is undoable for our mailing lists for some
> >reason... it seems that MUSTs, SHOULDs and security considerations
> >sections do not apply to us ;o)
>
> This is an absurd argument. The security you are trying to achieve in
> 3GPP is completely unrelated to spam prevention.
>
> I assume that anyone who is advocating using S/MIME or PGP for
> spam-reduction has never used either protocol on a daily basis for
> mail filtering. And I say this as one of the strongest public
> proponents of those protocols. S/MIME and PGP are used for
> authenticating the content of the messages, not for authenticating
> the sender.
I'm not sure how you're drawing the distinction between providing
authentication for content and for senders. Certainly, one of the
services that S/MIME and PGP offer is data origin authentication.
Moreover, its hard to understand what the difference between
these two properties is.

-Ekr

-- 
[Eric Rescorla                                   ekr@rtfm.com]
                http://www.rtfm.com/

Follow-Ups:
- Re: Authentication and email
  - From: Paul Hoffman / IMC <phoffman@imc.org>

References:
- Authentication and email
  - From: Gonzalo Camarillo <Gonzalo.Camarillo@lmf.ericsson.se>
- Re: Authentication and email
  - From: Harald Tveit Alvestrand <harald@alvestrand.no>
- Re: Authentication and email
  - From: Gonzalo Camarillo <Gonzalo.Camarillo@lmf.ericsson.se>
- Re: Authentication and email
  - From: Harald Tveit Alvestrand <harald@alvestrand.no>
- Re: Authentication and email
  - From: Gonzalo Camarillo <Gonzalo.Camarillo@lmf.ericsson.se>
- Re: Authentication and email
  - From: Paul Hoffman / IMC <phoffman@imc.org>

Prev by Date: Evaluation: draft-katz-yeung-ospf-traffic - Traffic Engineering Extensions to OSPF Version 2 to Proposed Standard
Next by Date: Re: FW: RFC bandwith, packet size and latency
Previous by thread: Re: Authentication and email
Next by thread: Re: Authentication and email
Index(es):
- Date
- Thread