On Mon, Feb 23, 2004 at 04:14:13PM -0000, Piers Chivers wrote:
1) Personal email - I don't have official figures but I expect >95% of all
emails are personal. This email is personal even though I am using my
company's infrastructure to send it.
But why do you send this as an email? Why do I receive it as an email?
Why can't I tell the list manager to send me a XYmessage via XYprotocol
which will trigger my XYclient that will display the message retrieved in
RDF format from the website of the list archive?
And I will use my WZclient to write back an answer in RDF format that
the list manager will convert to text/plain and send it e.g. to you via
2) Organisational email - just occasionally I send an email that says "I'll
meet you in London at 9.00am for a very important meeting". This is my idea
of an organisational message, sent in my role as an employee.
Ok, you said currently, but:
But instead of sending the text would it be nice if you'd fire up your
calendar, somehow locate the other person you want to meet, drag the
name over to <date>, 9.00am, fill in London click on "important meeting"
and the calendar will (maybe via email in a special format) contact your
partners address. His calendar will pop up and tell him your message, he
will confirm and a message will fly back and you calendar will change
the little "unconfirmed" icon to a "confirmed" one?
Of course the system will send a message depending on the fact that it
knows that the destination person is using calendar systen XYCAL
otherwise it would have sent a textual message of contacted a webserver
or sent a fax.
3) Contractual email - maybe, once upon a time, somewhere, someone sent an
email saying "I'll buy 500 of your widgets and here's my credit card
details" - I've not met this person.
But close to that is a PDF file with a detailled invoice and a bank
account to transfer the money too. The email is PGP signed, so the
receiver can validate the sender.
So, given the above, we should concentrate on getting point 1) right. This
means that issues such as authenticity and authorisation are lesser against
Sorry, I don't agree here.
I often get emails were people affront me that I should stop sending
them viruses (I don't use Windows). Authenticity and authorisation will
end spoofing. However this has to be much simpler and more trustworthy
than it is now. Signing and validating must be a part of the system
without the user messing around with generating keys, signing emails
installing additional software, searching around at key servers to
be able to validate sigs ... I admit that I don't know how to accomplish
this (i.e. user getting their trustworthy certs), but I strongly advocate it.
SpaceNet AG | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development | D-80807 Muenchen | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
proportional to the amount of vacuity between the ears of the admin"