Listening in on a Sit Down on Authentication

Download our in-depth report: The Ultimate Guide to IT Security Vendors

SHARE
Share it on Twitter  
Share it on Facebook  
Share it on Google+
Share it on Linked in  
Email  
Yes, sports fans, it's time for another installment in the saga of newstandards for fighting spam and password phishing.

The battle over email authentication is mired in the minutiae oftechnical standards which only the geeks of the Internet EngineeringTask Force (IETF) could love. Yet, far from many of the esotericInternet standards battles that are blessedly irrelevant to most of ourday-to-day working lives, the fight over email authentication issomething that promises to make your life measurably better, or worse,in the very near future.

Fear not, gentle reader. You will be spared from sifting through IETFgroups charters and technical specifications. For, in a quiet corner ofa Thai restaurant in San Jose, Calif., I recently had a chance todebrief John Levine, chairman of the IETF's Anti-Spam Research Group,and author of numerous books including Internet for Dummies.

Wielding only peanut sauce and Thai iced tea, I was able to coerce Johninto giving me the Dummies-style insider's view of the emailauthentication wars. He explained why the leading proposal, Microsoft'sSender ID, self-destructed, and why today's most promisingauthentication proposal promises to lose your email and bring yourcompany's servers to a crashing halt.

In late September, the IETF