I think signatures using nothing more than secret or public key
encryption are not fancy. By "fancy crypto solutions" I mean schemes
such as PKI which involve or should involve
- networks of key servers or distributed lists of signature
authorities, - certificate or key revocation machinery (which
perhaps ought to be
related to the previous item, but in real life seems to be
utterly broken and useless),
- private investigators checking claimed identities,
- probably unexpired and possibly submarine patents
- advertising, propaganda, and other "jockeying in the commercial
space."
Ok; I think I understand what you mean by "fancy", and with that
definition I agree with your position.
of variations to this approach that I think might be workable,
such as a mail protocol where the sender first sends a "i'm
about to send a message" message, and the receiver generates a
key pair, sending the arbitrary "public" key to the sender, who
then uses it to encrypt the message,...
Please read about simple crypo-based authentication.
If you had read the rest of the message, you would've realized that
those won't work, since they place the calculation burden on the
wrong party.
I tried to read the message, but the sense I got from it conflicted
with what I understand of public key encryption and signing.
That's because it didn't have anything to do with encryption /
signing. See below.
It
suggested you knew less than nothing of the subject and I was trying
to say as much as politely as possible. If that inference was wrong,
I appologize.
Apology accepted.
Unfortunately, rereading your quoted text above several
times does not disperse my original inference. For example, I'm
troubled by the notion that a stranger could authentiate itself merely
by preceding the mail message with a session key exchange.
Ah; that's because I suppose I wasn't as clear as I thought I was
about the purpose of what was proposed. It has nothing to do with
authentication, but instead is merely a mechanism to make the task of
sending unsolicited messages very resource (specifically CPU)
intensive, such that the current spammer strategy of sending millions
or billions of messages is simply not technically viable due to the
tremendous amount of resources that would be consumed. Right now,
the spammers are essentially parasites, in that the resources they
are consuming mostly belong to someone else. The purpose of the
proposal was to provide a "minimum cost" to the act of sending the
email. In principle (but not quite in practice, for the obvious
reasons), it could be as simply as passing the sender a product of
primes, etc. and demanding that he factor them before accepting the
message. As you (or someone else, sorry; I've lost track) pointed
out, this is particularly unfair to legitimate bulk mailers, but I
think that problem could be solved by a whitelist approach (which
itself implies the need of some authentication and authorization
system, which is beyond the scope of what I was proposing).
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg