[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: tmda: Challenge-response is fundamentally broken (RAPNAP)

on Thu, Sep 04, 2003 at 03:32:01AM -0500, david nicol (davidnicol@pay2send.com) wrote:
> Hello
> I've been trying to popularize a centralized challenge-response
> database since last fall.  It seems to me that becoming a debian
> package maintainer for the software to use it would make sense.
> Unlike TMDA's distributed profusion of extended addresses, a
> central RAPNAP (return address, peer network address pair) database
> only needs to send out a challenge when you change your outgoing
> SMTP server.  In effect, a central server caches challenge responses,
> so individual challenges are no required all the time.

All the faults of C-R and TMDA, with the added efficacy reduction factor
that trust is now made transitive across the all users over the entire

Bzzt.  You lose.

Try again.


Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
    Americans [...] need to watch what they say.
    -- Ari Fleischer, White House Press Secretary

Attachment: pgpLIXvjCOQlg.pgp
Description: PGP signature

Reply to: