From: "Vernon Schryver" <vjs(_at_)calcite(_dot_)rhyolite(_dot_)com>
From: "Ken Hirsch" <kenhirsch(_at_)myself(_dot_)com>
I think any general solution will depend on identity verification, which is
a key part of my plan. Anything else has to build on that. ...
That is a religious view in the sense that it is based on unquestioned
and unquestionable assumptions or axioms that cannot be reconciled
with the differing religious views or axioms behind SMTP. You assume
that accepting mail from perfect strangers is not worthwhile, but SMTP
is built on the opposite assumption.
That's not it at all. I don't have any problem accepting mail from strangers.
But
without identity if you shut down a spammer one place he will pop up in another.
I've thought about this a lot and I don't think there's a way around it.
[...]
A smaller but still insurmountable problem is that the CAs that are
not strangers (e.g. Verisign) cannot be trusted to revoke, or through
no fault of their own, be able to revoke certificates. You have
mentioned having on the order of 1000 CAs.
What I said was "A few dozen to maybe a few hundred". I am quite aware of the
problems with having too many CAs. I definitely want to keep it under a hundred.
Enough for there to be some competition, but otherwise the fewer the better.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg