--On Friday, January 14, 2005 4:57 PM +0000 David Woodhouse
<dwmw2(_at_)infradead(_dot_)org> wrote:
> Third, we could do only a single hop from one system to another. That's
> what IP-based blacklists do, that's what SPF actually achieves, and
> that's what CSV does. And that's what the proposed TLS-based system
> would do, too.

I'm partial to this option.

In case it isn't obvious, I'm more than partial to it - I think it is the
only one that stands a chance of deploying.

However, I think we can do one step better, which is to carry the
signature for each single transaction with the message. This gives a
recipient more information with which to manage their black/grey/white
lists.

I guess I have no problem with linking the signatures together as long as it is
clear there is no expectation the inner signatures are necessarily going to be
verifiable. And while I can envision this information being useful
for specific *listing applications, I am doubtful that it will be all
that useful in general.

Add a reputation system on the side (separate work item) and then we've
really got something.

Agreed it's a separate work item, but one we absolutely have to do.

Ned