ietf-822
[Top] [All Lists]

Re: "Obsoletes" is a much needed Internet mail feature

1994-08-18 08:44:15
On Thu, 18 Aug 1994, Dana S Emery wrote:

Jacob Palme>
  My personal experience is that this feature [Obsoletes:...] 
  is ***very*** useful and ***much*** needed.

Privacy needs to be a concern here, unless this feature were
backed up by some form of authentication I would hesitate to
consider it a _good thing_, even assuming it had widespread 
implementation.  I would not want to see the enablement of
a way for hackers to conduct "mail-wars".

How is this problem solved for the Usenet News command "cancel"?
My guess is that only the originator of a message can obsolete
it. Possibly, also the moderator of a newsgroup or of a distribution
list should be allowed to cancel messages from that group?

The exact interpretation of the "obsoletes" feature is up to
the mailbox software of the receiving recipients. The way it is
done in the system I am accustomed to, is that only original
senders and moderators can obsolete messages. Moderators cannot
obsolete the message itself, only the link between the message
and the group he moderates. If thus the same message is sent
to more than one group, and one of the moderator obsoletes it,
this means that it is removed from his group but not from the
other group it was sent to.

Obsoleting a message does not actually mean that the message
is removed in the system I use. Both the new and the old copy
is kept. Recipients who have already seen the old version,
will be shown the new version too. Recipients who log in
when both the old and the new version has arrived, will be
shown only the new version, but with a line in the heading
saying
Obsoletes: <Message-ID of the obsoleted message>
They can then, if they so wish, give a command to retrieve
the old version of the message.

Our experience with this feature is only positive. We have
never had any single occurence of any problems with the
feature.

If obsoletes is implemented in this way, I see no privacy
concerns. If you feel strongly about this, the best might
be to say that only the original author and no one else
can obsolete a message. That is the way it is defined in
X.400.

The only possible privacy concern might be if someone
fakes a message with the original author as origin ator
in order to obsolete his message. But the risk for this
is not higher than the general risk of people sending
faked messages, so this should not be an argument against
an "obsoletes" feature, but rather an argument against
allowing people to send faked messages at all.