ietf-asrg
[Top] [All Lists]

Re: [Asrg] Proven solution for authenticating messages

2003-03-04 03:57:05
Hadmut Danisch wrote:
On Tue, Mar 04, 2003 at 12:50:25PM +0530, Prasenjeet Dutta wrote:

It could also be because most PKI infrastructure is based on the X.509 model, which (though scalable) requires folk needing a certificate to cough up cash to CAs like Verisign.


PGP (as we know it) will never do this job, since it lacks the
structure that X.509 has. PGP trust is based on a cloud of friends and
acquaintances, you will never get a working trust structure covering
the world wide email network.

I agree PGP's trust model does not scale well (however, it has lower overhead to set up). However, the idea of letting relays non-repudiably identify themselves to other relays is a sound one, I believe.

The only hitch is an infrastructural problem of getting a "relay-identity-only" CA up and running who'd handle the X.509 infrastructure for handle certificate signing and revocation list management -- for little or no cost (cost obviously detering non-profits from using this).

Any entity registered with such a CA would satisfy Step #1 of Brad Templeton's plan for spam -- "Whitelist those who will be accountable for abuse", and we could reduce the problem set to dealing with rogue SMTP servers.

Is such a 'free' "relay-identity-only" CA feasible? (Perhaps running on donations from the community? Businesses spend enough on anti-spam software and bandwidth that they shouldn't mind paying to reduce the amount of spam they get.)


--
Prasenjeet Dutta
http://www.chaoszone.org/


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg