Privacy needs to be a concern here, unless this feature were
backed up by some form of authentication I would hesitate to
consider it a _good thing_, even assuming it had widespread
implementation. I would not want to see the enablement of
a way for hackers to conduct "mail-wars".
How is this problem solved for the Usenet News command "cancel"?
Unfortunately, the basic answer is "it's not", and there have been
some problems with that. So far they haven't been disastrous. The
only real answer, I'm afraid, is cryptographic authentication --
nothing less will suffice. It's too easy to forge mail/news; there
is no realistic prospect of securing the Internet, or even a major
subset thereof, well enough to prevent forgery.
My guess is that only the originator of a message can obsolete
it. Possibly, also the moderator of a newsgroup or of a distribution
list should be allowed to cancel messages from that group?
The theory is that only the originator can cancel news. However, there
are legitimate cases where you want other people to be able to cancel
it: a moderated group's moderator, the originator's sysadmin, or even
just vaguely-defined "net authorities". This complicates the bejesus
out of the authentication problem. It is specifically desirable, nay
important, for responsible authorities to be able to cancel news *without*
the originator's cooperation -- he may be unreachable or uncooperative.
Whether this applies to mail is less obvious.
Obsoleting a message does not actually mean that the message
is removed in the system I use. Both the new and the old copy
is kept...
There is a problem with this for news -- which may or may not apply to
mail -- in cases such as inadvertent copyright violation. In such
cases, it is of some legal importance that cancel really and truly
*destroy* the original message; this goes a long way toward defusing
legal action for copyright violation, as I understand it. Merely
marking it as "the originator wanted this cancelled" isn't enough.
While this particular issue may not be relevant for mail, it's easy
to devise situations where the originator may have inadvertently sent
out defamatory or confidential material, and really does want it gone.
If you continue to make both versions available, I'd bet that one
popular response will be to apply "diff" to the two to see what changed.
This is fine if you're correcting typos, not so fine in other cases.
Henry Spencer
henry(_at_)zoo(_dot_)toronto(_dot_)edu