Which recipient are we authenticating for? - mta-hashcash - lists.lysator.liu.se

List overview All Threads
Download

Which recipient are we authenticating for?

Forwarding, and per-user keys

#mta-hashcash @ freenode

Linus Nordberg

6 Oct 2004 6 Oct '04

4:34 p.m.

We need a way to express which sender/recipient pair a given XHASHCASHAUTH is authenticating, in the case of multiple RCPT TO. The verifying server could calculate MAC for all recipients and try to match each an every one but that feels a bit annoying.

Reply

Show replies by date

nisse＠lysator.liu.se

7 Oct 7 Oct

7:01 a.m.

Linus Nordberg linus@nordberg.se writes:

We need a way to express which sender/recipient pair a given XHASHCASHAUTH is authenticating, in the case of multiple RCPT TO.

Correct, when moving the XHASHCASH* things before RCPT TO, more information must be provided by the client.

And it applies not only to authentication, but also to challenge response (since the salt/resource/hashcash input depends on the recipient).

/Niels

Reply

7381

Age (days ago)

7382

Last active (days ago)

mta-hashcash@lists.lysator.liu.se

1 comments

2 participants

tags (0)

participants (2)

Linus Nordberg
nisse＠lysator.liu.se