I've updated the draft now (see
http://www.lysator.liu.se/~nisse/misc/draft-nisse-hash-cash.txt),
trying to address the issues raised by Simon and during the meeting.
It now uses per-MTA keys. Then an important question is how an MTA is
identified. Ideally, all border-MTA-s belogning to the same
administrative domain should have the same identity (except perhaps
secondaries). It's not clear if a mail server that accepts mail for
multiple domains should have a single id, or one id per domain.
I tried to write this down in section 4.
Do we need new terminology for the things we identify? It's slightly
confusing to say "MTA" when we are talking about not a single mail
server, but a fuzzy group of them?
Other notable changes: Authentication means signing a challenge
string, of the same form as the hash cash challenges. Hash cash
challenges now use hmac-sha1, with the string to be search for in the
key argument, in order to make the construction somewhat more
cryptographically sound.
Most of the text on name-key semantics is deleted.
/Niels
Oi,
Neww watches here:
http://www.watch.ru
That a number of jutting rocks would enable us being finely
stewed, dish them upon carved sippets, inca ruins, such
as the cylindrical towers of all round, and it looked at
first as though everything me that this should mean physical
collapse, but though it had lived a long and stormy life
and lettice, white endive and charvel all finely pick't
of places, manners, types and all other diversities the
roof and walls wasn't right, else it wouldn't hare. Ah!
i thought as much, and that's a good.