[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: authenticated smtp

To: mea@nic.funet.fi
Subject: Re: authenticated smtp
From: Eugene Crosser <crosser@online.ru>
Date: Mon, 6 Apr 1998 23:20:21 +0400 (MSD)
cc: Lai Yiu Fai <ccyflai@ust.hk>, zmailer@nic.funet.fi
In-Reply-To: <19980405220943Z7069-709+204@nic.funet.fi>
Reply-To: Eugene Crosser <crosser@online.ru>
Sender: crosser@ariel.sovam.com

> I am begining to suspect that for truly authenticated SMTP (submission)
> we need to wrap it within SSL.  Then we could do simple password login,
> once the session is encrypted, and we have verified that the server is
> trusted..  Or is my vision going too far ?

I strongly beleive that a sort of public key crypto is the only real way
to go with authentication, yes.  Maybe even without passwords, if you have
a way to verify public keys.

> On the other hand, there is a matter of transitive trust in between
> servers.  In general Internet there is NO transitive trust on SMTP
> model.

On the other hand, yes, the whole thing seems rather pointless unless all
Internet stops relaying unauthenicated mail.  Will it?  I don't think so.

Eugene

References:
- Re: authenticated smtp
  - From: mea@nic.funet.fi

Prev by Date: Re: authenticated smtp
Next by Date: problem setting up MX
Prev by thread: Re: authenticated smtp
Next by thread: problem setting up MX
Index(es):
- Date
- Thread