From: "Ken Hirsch" <kenhirsch(_at_)myself(_dot_)com>
... If the CAs don't enforce, their
certificates become worthless. Nobody will buy them.
...
I must not have made myself clear. It is the _recipients_ that
decide what policies are acceptable. If senders choose policies
that aren't acceptable, their messages won't get through.
That is the situation we have now, using the certs that are IP addresses.
- all mail carries the practically unforgeable cert of the IP address
of the preceding SMTP client.
- people use public and private blacklists of IP addresses to enforce
their own anti-spam or other access policies.
- some CAs (ISPs) sell certificates (IP addresses) that are less
valuable, because the CAs (ISPs) are known to not revoke them
(terminate service) for naughtiness.
- those bad CAs still manage to sell their less valuable certs (IP
addresses) to people who pay less and then whine and complain
about the unfairness of blacklist lists that list their certs
as issued by CAs that don't care about stopping spam.
Vernon Schryver vjs(_at_)rhyolite(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg