Jim,
I had not responded to this because I was a bit confused about your
suggestion.
On Oct 6, 2004, at 11:13 AM, James M Galvin wrote:
The primary issue that I am raising is the conflict betweeen the
phrases
"transit-time use" and "authenticate the author or sender".
If the goal is to authenticate the original author or sender, normally
called the originator of the message, then I remain completely opposed
to this working group. To me that goal is "reinventing" secure email
(PGP, S/MIME, whatever) and, speaking personally of course, I have not
seen any compelling reason for doing so.
This is a good point. I agree. Though "transmit-time" seems to be
vague as well. Is it not possible to simply refer to the architectural
model of email and say things like "MUA-to-MUA" or "MTA-to-MTA" or
speak of "border MTAs"?
It is these latter two points that this group needs to decide. What
identity do we want to be asserted? And second, given an identity, how
are we going to retrieve and distribute the public key it uses.
No disagreement here. I've been advocating getting all this, and more,
out in the open.
We also need to decide what we want the identity assertion to mean.
Agreed.
I've proposed above that it means only that the MTA "controls" the
message. Simple, short, and to the point.
So what does this mean to current deployments? This is what confuses
me. I think I agree with the meaning, but which MTAs control the
message? All? If so, does that implicitly mean hop-by-hop?
-andy