SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

• Previous message (by thread): SHAKEN/STIR Robocall Summit - July 11 2019 at FCC
• Next message (by thread): SHAKEN/STIR Robocall Summit - July 11 2019 at FCC
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 7/8/19 6:11 PM, Valdis Klētnieks wrote:
> On Mon, 08 Jul 2019 17:58:17 -0700, Michael Thomas said:
>> On 7/8/19 5:54 PM, Keith Medcalf wrote:
>>> This is because DKIM was a solution to a problem that did not exist.
>>>
>>>
>> ::eyeroll:: pray tell, how do you "always" know the identity of the MTA
>> sending you a message?
> It's more subtle than that - you always know the "identity" of the purported
> MTA, because you know their IP address.  Whether "purported" is the same as
> "legitimate" or "authorized" is a whole different kettle of fish....
>
> Remember - port 25 is widely blocked precisely because there were always a
> plenty supply of MTAs whose identity you knew, sending you spam from consumer
> living rooms....
>

Like I said, what DKIM brought is the ability to "blame me". knowing the 
IP address doesn't give you that in any useful way. Recall that trust is 
mainly a social construct, not a technical one. Bruce Schneier has 
written about that endlessly.

Mike

• Previous message (by thread): SHAKEN/STIR Robocall Summit - July 11 2019 at FCC
• Next message (by thread): SHAKEN/STIR Robocall Summit - July 11 2019 at FCC
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]