At 09:41 AM 10/1/2004 -0400, James M Galvin wrote:
What I don't get - and perhaps it's just me in which case I would
appreciate being educated - is how the problem stated in the charter of
this group (adding signatures to email) is a different problem than has
already been solved 5 times over for email?
Having read through the subsequent messages on the list, one aspect I haven't
seen mentioned is that the semantics of the signatures is different. What's
important in this space is not whether I'm "Jim Fenton
<fenton(_at_)cisco(_dot_)com>" as my PGP key says I am, but whether the
administrators of my domain agree that I'm authorized to send mail using that
address. They had no part in the creation and distribution of my PGP key, and
have no way to revoke it should I become disassociated. This disqualifies at
least some of the "5" existing solutions to this problem.
-Jim