On Thursday, April 10, 2003, at 10:24 AM, John Fenley wrote:
Why give someone a key at all?
A consent token is like a temporary whitelist(with the obvious
diference that a token can be used by a different sender), so why not
do temporary whitelisting?
the address you send the consent to may not be the address the reply
comes from. Think about mailing lists, responses from amazon.com or
other online services, etc. You want the consent in the token, not in
the address. You may very well not know the address when you give
consent.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg