Page 10: Signing bounce addresses

We require a clear distinction so that we know when to sign an address.
The distinction is roughly the same as that between smtp.hermes and ppsw.

Submission must be authenticated to make the forgery guarantee apply at
the granularity of individual users rather than the whole CUDN.
Therefore forgery protection is optional so that we don't have to
reconfigure everyone.

The bounce address is forced for two reasons: mostly to prevent
lying, but also because users have multiple role addresses that they
might want to use, e.g. @cam, @dept, @home, but the only one that is
directly authenticated is the Hermes one and the others are not
strongly tied to it.

The signature on the address is a guarantee from smtp.hermes that
the message was submitted by the address's user and that the user
was properly authenticated.

The above is not a real example or even real syntax.
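
One way such a signature could work, as an added example that is not the smtp.hermes implementation or syntax: the submission server forces the bounce address to the authenticated user's address and attaches a keyed tag, and the receiving side accepts a bounce only if the tag verifies and has not expired. The `sig=` layout, HMAC-SHA256, the 7-day lifetime, the key and the address are all assumptions constructed for illustration.

```python
import hashlib
import hmac

# Constructed values for illustration only (assumptions, not from the page).
SECRET = b"constructed-demo-key"
VALID_DAYS = 7
TAG_LEN = 12  # hex characters kept from the HMAC


def _tag(expiry: int, address: str) -> bytes:
    """Truncated HMAC over the expiry day and the authenticated address."""
    msg = f"{expiry:05d}{address.lower()}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()[:TAG_LEN].encode()


def sign_bounce(address: str, today: int) -> str:
    """At authenticated submission: force and sign the bounce address.

    `today` is a day number (days since the epoch).
    """
    local, domain = address.rsplit("@", 1)
    expiry = today + VALID_DAYS
    return f"sig={expiry:05d}{_tag(expiry, address).decode()}={local}@{domain}"


def verify_bounce(recipient: str, today: int):
    """When a bounce arrives: return the original address, or None."""
    local, _, domain = recipient.rpartition("@")
    parts = local.split("=", 2)
    if len(parts) != 3 or parts[0] != "sig" or len(parts[1]) != 5 + TAG_LEN:
        return None  # unsigned or malformed: not something we sent
    expiry_s, tag = parts[1][:5], parts[1][5:]
    if not (expiry_s.isascii() and expiry_s.isdecimal()):
        return None
    expiry = int(expiry_s)
    address = f"{parts[2]}@{domain}"
    # Constant-time comparison so the check does not leak tag prefixes.
    if not hmac.compare_digest(tag.encode(), _tag(expiry, address)):
        return None  # forged or altered address
    if today > expiry:
        return None  # signature too old to be a plausible bounce
    return address
```
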

