ietf-mailsig

Re: TEOS, was Comparison Matrix on proposals

2004-10-11 15:11:41

William's asked me for more info on TEOS.  I've written up an I-D that
explains how I think it works, based on reading the code of the Postiva
implementation.  But it's currently circulating around to the people
who wrote the code to be sure I read the code, of which there is a lot,
correctly, so I'm going to wait a few days to get the comments back
before filling in the column.

Its approach is somewhat different than the other signature schemes.
As best I understand it, it signs the visible headers (to, from,
subject, date) and puts a base64 signature string as an extra header
that the recipient can verify.  Rather than signing the text, it
annotates the text with a text URL including the signature at the
bottom of text messages or some extra HTML with that URL in HTML.  If
the recipient clicks through the URL, it goes back to the signing
agency and shows a window displaying what the signed fields were, and
offering an opportunity to complain if it doesn't match.  They didn't
work out much of a key distribution scheme and for now it more or less
uses the browser model in which recipients are presumed to have copies
of all the signing keys.

It was originally intended for bulk mail more than one-to-one mail
(although there are people who do sign their mail with Postiva) and
has some of the same text mangling problems as MIME encapsulation for
individual messages, but the signing model is interesting and worth
thinking about.

Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be, http://www.johnlevine.com, Mayor
"More Wiener schnitzel, please", said Tom, revealingly.
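
An added illustration of the header-only signing model described in the message above. It is not TEOS or Postiva code and not part of the original post: the header name, the canonical form, the key, and the use of HMAC-SHA256 as a stand-in for the real signature algorithm are all assumptions made so the sketch runs with the standard library. It shows what follows from covering only To, From, Subject and Date: a changed header fails verification, while a changed body still verifies.

```python
import base64, hashlib, hmac
from email import message_from_string

# Assumptions (not from TEOS or Postiva): header name, canonical form,
# and HMAC-SHA256 standing in for the scheme's real signature algorithm.
SIGNED_FIELDS = ("To", "From", "Subject", "Date")
SIG_HEADER = "X-Example-Header-Sig"   # hypothetical header name
KEY = b"constructed-demo-key"         # constructed sample key


def canonical(msg):
    """Visible headers in a fixed order, names lowercased, whitespace collapsed."""
    parts = [f"{n.lower()}:{' '.join((msg.get(n) or '').split())}" for n in SIGNED_FIELDS]
    return "\n".join(parts).encode("utf-8")


def sign(raw, key=KEY):
    """Return the message with a base64 tag over the visible headers added."""
    msg = message_from_string(raw)
    del msg[SIG_HEADER]               # drop any tag already present
    tag = hmac.new(key, canonical(msg), hashlib.sha256).digest()
    msg[SIG_HEADER] = base64.b64encode(tag).decode("ascii")
    return msg.as_string()


def verify(raw, key=KEY):
    """Recompute the tag from the received headers and compare in constant time."""
    msg = message_from_string(raw)
    try:
        got = base64.b64decode(msg.get(SIG_HEADER, ""), validate=True)
    except ValueError:                # malformed base64 in the header
        return False
    want = hmac.new(key, canonical(msg), hashlib.sha256).digest()
    return hmac.compare_digest(got, want)


# Constructed sample message.
SAMPLE = (
    "From: news@example.com\n"
    "To: reader@example.net\n"
    "Subject: October newsletter\n"
    "Date: Mon, 11 Oct 2004 15:11:41 -0400\n"
    "\n"
    "Body text.\n"
)
SIGNED = sign(SAMPLE)
```
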

