ietf-mailsig
[Top] [All Lists]

Re: semantics of the signature

2004-10-07 13:16:03


On Oct 7, 2004, at 2:36 PM, Jim Fenton wrote:
There are use cases that depend on the relative anonymity that we currently have in the mail system, and we should preserve that behavior.

Can you elaborate the use cases that need anonymity? It isn't that I disagree with this point, but that I just don't know what you are talking about. I'm sitting here thinking, "As a receiver, I don't care to receive email from anonymous sources."

In your subsequent comments, I think you have interpreted "transit-time" as the time between MTA hops. Transit-time could also be the entire path between when the sender pressed "send" or equivalent, and when it was displayed to the recipient. This means that it could be an end-to-end mechanism (which is what I think we need) and not just hop-by-hop.

I agree with this.

We should probably break that question down into (1) whether a MIME encapsulation must be required for all signed messages and (2) choice of keying model (certificates, web of trust, etc.). IMO there are enough problems with issue (1) that we don't need to go further.

For those of us that do not know better, what are the problems with MIME encapsulation?

-andy


<Prev in Thread] Current Thread [Next in Thread>