On Sun, 18 Jan 2004, Keith Moore wrote:
> To this point I would say, we need to know the physical location of the
> machine (node) on the Internet sending the email.
do we really care where the message was sent from, as opposed to who
sent it?
This is a really good question.
My current thinking is I don't want to tightly couple the message
direclty to a person, even in an ephemeral way. I would rather note
sites, especially those that have multiple users.
So, rather than even having a home user site create a "who sent it
identifier", I would prefer the ISP submission server create a "message
passed through my server identifier", along with additional private log
entries that make it possible to trace the message back to its actual
origin. Those log entries can then be retrieved through ordinary law
enforcement means.
Now, perhaps from an implementation point of view that's not much
different than an emphemeral original identifier, but I believe it will
be perceived differently and the distinction is important.
Also, just as I don't want to expose the actual identity of every
message sender, I wouldn't want to expose the location of every message
sender. (I can see it now - send an e-mail critical of Dubya, and a
G-man knocks on your door within the hour...)
Yes, well, any security measure that involves a known principle carries
that risk so I don't view it as a reason not to do this.
Jim