On Fri, Jul 04, 2003 at 11:14:03AM -0400, Kee Hinckley wrote
1. Like many systems, this ties in tightly with identity. If I move
to a new ISP (or Comcast gets sold *again*) my email address changes.
How do I manage notifying all of my contacts.
If it's important enough, get a personal domain, even if it's only a
cheap email+web re-direction service to your physical ISP. You get to
keep the address when you change ISP.
2. If a consent token does degenerate to a password, then two
problems occur. One, it can be sold along with your email address,
just as email addresses are sold now. You've basically made it
simple for someone to transfer your consent. the only way around
that is to tie a consent token to the sender, which means complicated
software, and a knowledge of what addresses will be used to contact
you. (Again, I think people working on this should focus first on a
URL scheme for whitelisting. E.g.
whitelist:some-piece-of-information-identifying-senders.)
PGP (and GPG) already exist, and have been in use long enough that
submarine-patents are unlikely (never say "never"). Front-ends for
signing exist in Windows, even. No need to re-invent the wheel.
--
Walter Dnes <waltdnes(_at_)waltdnes(_dot_)org>
Email users are divided into two classes;
1) Those who have effective spam-blocking
2) Those who wish they did
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg