Da: Jose-Marcio Martins da Cruz <Jose-
But also I have many **shared** identities. These identities correspond to
email addresses
(administrative or not) which resolve to many people. I can hardly see some
kind of
management of *shared consent* for these addresses.
If you mean by shared consent that all receivers must agree on consent, I think
it can' t be done in a usable way. However, shared addresses usually mean that
the consent of one of the receivers suffices. Then, from a technical
perspective, it can be partially done. Anybody can distribute tokens for the
address, and upload them to the MTA database. Since it is the MTA database that
matters for filtering, messages will be properly accepted/rejected. Should a
token need to be invalidated, any of the receivers should be able to do it,
even if the token is not in his7her address book, again because its the token
on the MTA that matters. However, they will need to cooperate in order to
understand e.g. whose system has been compromised, since only one will probably
have associated the token to an address.
The main problem is, probably only one of the receivers will have a proper
token for answers, unless some shared repository is implemented. I didn't
consider this issue.
---
---
Claudio Telmon
claudio(_at_)telmon(_dot_)org
http://www.telmon.org
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg