Language Selection

English French German Italian Portuguese Spanish

Antispam proposals advance

Filed under
Security

The Internet Engineering Steering Group (IESG), a division of the Internet Engineering Task Force (IETF), said it would publish two competing and overlapping sets of documents that define ways of confirming that e-mail senders are who they say they are.

The experimental Requests for Comment (RFCs)--Sender Policy Framework (SPF) for Authorizing Use of Domains in E-Mail and Sender ID: Authenticating E-Mail--have been the subject of intense jockeying by Microsoft, America Online and others.

Critics have accused Microsoft of trying to strong-arm the industry into accepting Sender ID. Concerns over Microsoft's Sender ID-related patents have alarmed some involved in setting standards, and last year the IETF let a Sender ID working group expire.

"While many proposals for domain-based authorization have been under consideration, no consensus has yet been reached concerning a single technical approach," the IESG said in a statement. "The IESG does not endorse either of the two mechanisms documented in the experimental RFCs--their publication is intended to encourage further discussion and experimentation in order to gain experience that can be used to write future standards in this space."

Microsoft said that despite the expiration of the Sender ID working group in September, the approval of the experimental RFCs showed that its technology is alive and well in the standards-setting process.

"We think this is great," said Samantha McManus, business strategy manager for Microsoft's technology care and safety group. "We're glad to see Sender ID's experimental status, and we think e-mail authentication is very important for addressing spam and phishing. That said, we definitely have more to do."

Full Story.

More in Tux Machines

Octa-core Cortex-A53 hacker SBC sells for $60

FriendlyARM’s $60, open spec “NanoPC-T3” SBC runs Android or Linux on an octa-core Cortex-A53 SoC packed with wireless and media interfaces, plus 8GB eMMC. The over-caffeinated board builders at Guangzhou, China-based FriendlyARM have shipped their highest-end hacker board yet. The NanoPC-T3 is almost identical to the NanoPC-T2 board, but swaps out the quad-core, Cortex-A9 Samsung S5P4418 SoC for a layout-compatible S5P6818 with eight Cortex-A53 cores that can be clocked dynamically from 400MHz to 1.4GHz. Last month, FriendlyARM’ unveiled an $11, quad-core NanoPi M1 single board computer with similarly open source hardware and Android and Linux software. Read more

today's leftovers

Linux and Graphics

Security Leftovers

  • Cockpit 0.104
    Cockpit is the modern Linux admin interface. There’s a new release every week. Here are the highlights from this weeks 0.104 release.
  • FFmpeg 3.0.2 "Einstein" Multimedia Framework Released with Updated Components
    Today, April 28, 2016, the development team behind the popular FFmpeg open-source and cross-platform multimedia framework has released the second maintenance release in the stable FFmpeg 3.0 "Einstein" series. FFmpeg 3.0 was a massive release announced in mid-February, which brought in numerous existing changes, including support for decoding and encoding Common Encryption (CENC) MP4 files, support for decoding DXV streams, as well as support for decoding Screenpresso SPV1 streams.
  • Using bubblewrap in xdg-app
    At the core of xdg-app is a small helper binary that uses Linux features like namespaces to set up sandbox for the application. The main difference between this helper and a full-blown container system is that it runs entirely as the user. It does not require root privileges, and can never allow you to get access to things you would not otherwise have.
  • Build System Fallbacks
    If you are using Builder from git (such as via jhbuild) or from the gnome-builder-3-20 branch (what will become 3.20.4) you can use Builder with the fallback build system. This is essentially our “NULL” build system and has been around forever. But today, these branches learned something so stupidly obvious I’m ashamed I didn’t do it 6 months ago when implementing Build Configurations.
  • Node.js version 6 is now available