I understand where Ken is coming from, relative to requiring
people to rent a cluon or two before they should be allowed to do
something that might tend to put them in an abusive position, such as
subscribing to a mailing list (by abusive, I mean that they might be
inclined to abuse me, as list-manager, if I did not spend all
twenty-four hours a day of my worthless time to accede to their every
whim, since that's obviously what I was put on this planet for).
However, I also understand that there are situations where the
same sorts of features might be used for other reasons (i.e., simply
requiring confirmation that a user did, in fact, want to subscribe to
a particular list, as opposed to someone having maliciously
subscribed them to hundreds of thousands of lists).
At 10:42 PM -0500 2/17/1997, Grant Neufeld wrote:
>Ken Dykes wrote:
>> a general point about the whole approach of using HEADERS. how are forgeries
>> and spoofing avoided? do HEADERS get PGP or other authentication in most
>> mail systems?
>Nope. Spoofing is an issue we're discssing now on the list-header list. A
>formal resolution has not been reached, but when it has, it will be
>included in the specification.
>Do you have any security implementation suggestions (I'm not even remotely
>an encryption/signature expert)?
Ken does have one inescapable point -- all this automation and
improvement of interaction with MLMs should be done through a new
MIME bodypart type, and not through headers (if nothing else, many
gateways strip headers, intentionally or otherwise). This MIME
bodypart could be enveloped in a signed cleartext PGP/MIME bodypart
(or some other encryption standard) without loss of generality.
If it was made complete enough, the protocol could satisfy all
the different capabilities in an extensible manner, and yet hopefully
still be simple enough that people could choose to implement only a
subset of the commands/capabilities, if they wanted an MLM that was
"small" or "simple", while not overly restricting the capabilities of
the full-featured MLMs.
Perhaps call it "Simple MLM Management Protocol-- SMMP"? ;-)
I recommend you get the Internet Mail Consortium involved in
these efforts, since Paul Hoffman and Dave Crocker have been down a
lot of the same roads in the past on other projects, and can help
steer you towards more appropriate and flexible approaches to solving
these kinds of problems.
Brad Knowles, MIME/PGP: email@example.com
comp.mail.sendmail FAQ Maintainer <http://www.his.com/~brad/>
finger firstname.lastname@example.org for my PGP Public Keys and Geek Code
The comp.mail.sendmail FAQ is at <http://www.his.com/~brad/sendmail/>