Hadmut Danisch wrote:
> On Tue, Mar 04, 2003 at 12:50:25PM +0530, Prasenjeet Dutta wrote:
> > It could also be because most PKI infrastructure is based on the X.509
> > model, which (though scalable) requires folk needing a certificate to
> > cough up cash to CAs like Verisign.
>
> PGP (as we know it) will never do this job, since it lacks the
> structure that X.509 has. PGP trust is based on a cloud of friends and
> acquaintances, you will never get a working trust structure covering
> the world wide email network.

I agree PGP's trust model does not scale well (however, it has lower
overhead to set up). However, the idea of letting relays non-repudiably
identify themselves to other relays is a sound one, I believe.

The only hitch is an infrastructural problem of getting a
"relay-identity-only" CA up and running who'd handle the X.509
infrastructure for certificate signing and revocation list
management -- for little or no cost (cost obviously deterring non-profits
from using this).

Any entity registered with such a CA would satisfy Step #1 of Brad
Templeton's plan for spam -- "Whitelist those who will be accountable
for abuse", and we could reduce the problem set to dealing with rogue
SMTP servers.

Is such a 'free' "relay-identity-only" CA feasible? (Perhaps running on
donations from the community? Businesses spend enough on anti-spam
software and bandwidth that they shouldn't mind paying to reduce the
amount of spam they get.)

--
Prasenjeet Dutta
http://www.chaoszone.org/