ietf-asrg
[Top] [All Lists]

Re: [Asrg] S/MIME

2004-03-22 15:39:23
Isn't that what DNSSEC is suppose to address?  That certainly doesn't have
the scalability problems like PGP.

George

----- Original Message ----- 
From: "Barry Shein" <bzs(_at_)world(_dot_)std(_dot_)com>
To: "Mark Baugher" <mbaugher(_at_)cisco(_dot_)com>
Cc: <asrg(_at_)ietf(_dot_)org>
Sent: Monday, March 22, 2004 10:28 AM
Subject: Re: [Asrg] S/MIME



On March 21, 2004 at 15:10 mbaugher(_at_)cisco(_dot_)com (Mark Baugher) wrote:
 >
 > If we get forgery under control, then it is possible to apply
reputation,
 > accreditation, blacklisting and other techniques to manage spam.  What
am I
 > missing?

That the USPS (and no doubt others) haven't been able to make much of
a dent in this in 200+ years?

There's a paradox here. Authentication etc costs money, even if just
microcents it adds up in some contexts. People want e-mail to be
essentially free.

I think we can probably find ways to prevent people from bringing fork
lifts into the all you can eat buffet. But fraud and authentication in
general is a huge topic which probably is best solved by someone
figuring out a model for a "charging for authentication business",
akin to registered or certified mail.

Put another way, it's one of those problems that seems to be easy on a
very small scale (exchange PGP keys with your friends), but becomes
very hard as you scale it up, particularly if the first criteria is
that it must not cost anything.

          -b


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



<Prev in Thread] Current Thread [Next in Thread>