On Sun, Mar 09, 2003 at 10:03:21AM +0000, Jon Kyme wrote:
I can see that there might be privacy issues - but any submission of an
*unencrypted* message to transport on the public internet caries an tacit
acceptance that the content becomes, in a sense, public.
There are several degrees of "public".
When I receive a message from someone else in Germany or
another country in Europe, than this could have been wiretapped.
Maybe. It would be at least a lot of overhead to wiretap every message
on the world. But if I volunteer to register every single mail I
receive in the way "Hey Big Brother, I just received mail with hash
#######" that's a completely different story.
If you want to actively wiretap someone, usually an order from a judge
is required. If people volunteer to register their incoming mail at a
central registry, it isn't.
The SMTP relay I use for inbound and outbound message at least offers
to use TLS. Even if there is no PKI and the key could be faked, it
stops a passive eavesdropper from reading if the other SMTP relay
agrees to use TLS. Wouldn't it be stupid to first receive a message
encrypted and then register that mail to a third party?
I can't see a free
speech issue here, who's proposing that employment of such a system be
mandatory?
It doesn't need to be mandatory. It's sufficient that enough people
use it voluntarily. It doesn't matter for which reason people use it.
So once a government observes any kind of a politically unwanted
In many jurisdictions I suspect this would be illegal.
There are so many things in the world which would be illegal in
many jurisdictions. Actually spam is illegal in Germany. Does anybody
care about?
And in most cases it even wouldn't be illegal. Imagine some
politically unwanted message becomes spread around. There's always
someone forwarding this message to the government. Then the government
could simply lookup in a database who else has received that message.
Maybe you're not aware of it, but the US government started to collect
informations about which books people buy. Buy the wrong book in the
bookshop at the corner and - bang - you're declared as being
suspicous.
In our jurisdictions this would be more than just illegal, it would
be ridiculous.
Except for the intention, there is absolutely no difference
- and especially not a technical difference - between this and
a censorship machinery.
Except a censorship machine is imposed, while this kind of service would be
voluntarily subscribed to, or implicit in the acceptance of a contract
with, say, an ISP or employer?
That's the dangerous point: If you were required to use it by law,
people would be cautious and develop ways to bypass it.
But if it comes as a voluntary service promising help against spam,
people would be unsuspicous.
The Bezirksregierung Düsseldorf required some german ISPs to poison
their DNS servers with wrong entries in order to block access to
certain web pages. Again, nobody requires the customers to use
the DNS server given in the PPP handshake. You can use any other
DNS server or setup your own one to easily get rid of that blockade.
But most people don't understand the details and thus they don't
get access. It's still voluntary to use the poisoned DNS server or not.
And by the way, not every message from a girl asking me to have
wild sex with her is spam.
I don't even get *spam* inviting me to wild sex anymore :(
If you don't mind to get them in german language, I can register
you to some sex contact services and you will have more than plenty of
such spams for years. Most of them even come with attached pictures in
order to give you the feeling that your mailbox is really filled.
It comes even better if you download your mailbox through a cellphone
to give you a feeling about the costs and to help you to appreciate the mails
as worthwile. Would you like?
What would the next generation spammers do? Obviously, they would
collect e-mail addresses _and_ public keys, and encrypt their spam,
thus rendering the content filters ineffective. People would tend
to not distribute their public key or to not having one at all.
Er, no. That's just not right is it?
You'll change your mind once you received the first 5,000 encrypted
spam messages.
While a government would never be able to establish such a
surveillance and censorship infrastructure for political reasons,
You seriously think that they haven't already?
I'm pretty sure your's did. I guess my one didn't. I was working for
an ISP and certainly would have known. If they could manage to
establish such an infrastructure, that would be the first thing
that our government gets finished and working.
Hadmut
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg