ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] Basic Proposals So Far ...

2003-03-27 09:06:22
from [Markus Stumpf] [Permanent Link] 
On Wed, Mar 26, 2003 at 04:18:46PM -0700, Art Pollard wrote:

1) Leave the message on the server and let the client retrieve the message 
allowing for unforgeable addresses.


What I never understood with this setup is:
   How do I as a person know that some server somewhere has a message for me
   without the server sending me an email/notification telling me he has
   email for me.

Alice wants to send me a email. She opens her mail client and writes the
text, fills in my email address.
What happens next?
Do I get a short notification that Alice's server has a message for me
waiting? This would really be a big gain. I have the notice in my
mailbox and I have to make a connection to another server, do some sort
of authentication there (otherwise everyone could retrieve my email).
And of course I would also get a lot of those "notifications" from
spammers. And I would have to wade through them and delete them. What is
the difference to just delete the spam message.
Ok, my mailbox isn't filled with spam, but it's filled with messages
telling me spam is waiting on the servers.

And what if Alice chooses to change the provider? Then she writes from
a different server, even if the has the same email address.
Would you trust the new server or would you just delete the notification?
What is the gain with this system if spammers continue to fake sender
addresses just like they do now?


Also allowing for post-sending cancelation by a sysadmin.


You mean like "the sender wishes to reclaim the message sent to you
earlier?" Surely not without (strong) cryptography. And that would
require a - non existant - distributed Internet wide PKI.

        \Maex

-- 
SpaceNet AG            | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development |       D-80807 Muenchen    | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
 proportional to the amount of vacuity between the ears of the admin"
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] email pull (was RE: Authentication ), Vernon Schryver
Next by Date:  Re: [Asrg] 5b. Opt-Out, 2nd version, Vernon Schryver
Previous by Thread:  [Asrg] Basic Proposals So Far ..., Art Pollard
Next by Thread:  RE: [Asrg] The "problem" from an engineering standpoint, Hallam-Baker, Phillip
Indexes:  [Date] [Thread] [Top] [All Lists]