ietf-mailsig

Re: Good as the enemy of OK

2005-01-14 08:12:12

James M Galvin writes:

> For me, John's last sentence is the most important point in all of this
> discussion:
>
> > The most that a signature can do is to identify the responsible party.
> > There's no point in adding cruft that attempts to go beyond that.
>
> So, I ask, why are we trying to do more than find the immediately
> preceding responsible party?

To which I'd say that surely evangelizing TLS for the last
hop out of and into your domain is an easier job than a
completely new protocol? That has most if not all of the
properties you're asking for, and has the huge advantage
that it's an ancient and widely supported spec. I don't know
which MTA Ned was referring to that's broken, but I can't
believe that if people are seriously considering MASS --
which requires significant changes to their mail
infrastructure -- that they wouldn't also consider the far
easier problem of routing around that damage. 

Which is why I think that if MASS solves _any_ problem at
all, it ought to be the end domain to end domain identity
problem that S/MIME and PGP -- with their focus on
encryption and end users -- do not easily scale. _That's_
the hole in the protocol suite, not the edge-edge problem.

         Mike

