First, I believe that we need some definitions for Anonymity and
Accountability. I see several uses for the term Anonymity when used in this
discussion. Is it Anonymity as it applies to the real life identity of the
Message Originator? Or perhaps Anonymity as it applies to the Message
Origination?
Second, I disagree with the below statement from the requirements document
[2.24.1] because the use of the term "sender" as defined in the requirements
("A computer system, application or process that is the origin...") is used
when I believe we want to specify the person sending the email.
Additionally, there is just cause for preserving sender
anonymity and supporting the use of appropriate 'anonymization'
services that currently exist. Designers must consider the
impact of accountability by a proposal on these systems and
address the issues related to preserving anonymity for
[legitimate] uses.
Specifically, the term "just cause for preserving sender anonymity". Shouldn't
that be "just cause for preserving message originator anonymity"?
Rational:
At the end of the day what we want is to be able to provide a means for
'people' to send email while hiding their identity, right? And as long as ISPs
can provide email addresses without verifying the identity of the person
provided the address then the need of message originator anonymity has been
fulfilled. Thus any proposal that does not force ISPs to verify the message
originator satisfies requirement 2.14. This includes my personal favorite the
RMX type solutions.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg