But the recipient Y will be able to tell if he's seen the same stamp
twice. That's trivial to deal with, especially since most modern MUAs
(well, Eudora and Apple Mail, anyway) index their mail archive already
by default.
As for verifying crypto signatures, the public key from the vendor is
needed for that, since the vendor issued the stamp. This is, broadly
speaking, a one-time operation, which happens after the sender vendor's
trustworthiness has been looked up. It's also an operation that could
potentially be offloaded on the recipient's vendor, since the recipient
is probably going to send the stamp there for reimbursement anyway.
This really is amusing in a pitiful sort of way.
Other than STILL trying to create the world's biggest micropayments system
(which really IS a solution in search of a problem, it seems...) what the hell
is the point of worrying about all this?
Who needs encryption, who needs single-use detection?
My idea where recipients can hand out an assortment of "stamp tokens" for free
along with their E-mail address would handle the same issues pretty well. The
person sending would need to include at least one recognized "stamp token"
either in the Subject line or perhaps in an extra header line somehow. The
recipient could have an arbitrary number of "stamp tokens" outstanding and
could
revoke any or all of them any time they wished. Using nonstandard mechanisms
for relating the stamp token required with the E-mail address (and how to
present the stamp token) would pretty well invalidate E-mail address
harvesters.
The recipients' E-mail system could provide a database function to help
identify
past legitimate mailers who had used the compromised stamp token, to alert them
to the changed token.
I don't really care in general for the idea of "stamps" but if you're all going
to fixate like this on the E-postage concept, then you might as well at least
look at other ways to make it harder to send out megatons of E-mail
indiscriminately.
Gordon Peterson http://personal.terabites.com/
1977-2002 Twenty-fifth anniversary year of Local Area Networking!
Support free and fair US elections! http://stickers.defend-democracy.org
12/19/98: Partisan Republicans scornfully ignore the voters they "represent".
12/09/00: the date the Republican Party took down democracy in America.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg