On Mar 29, 2005, at 9:54 PM, Sam Hartman wrote:
> In general I don't think you will find security people in the IETF are
> willing to support a scheme in which a single key is given to a large
> number of parties. So, yes, I think portable keys (by which I mean a
> key that a mail composer can take with them) will tend to be per-user.

I'm not a security person, but this makes total sense. The risks with
one shared key seem to be obvious.

> I'm again struck by the significant disparity in ideas of how email
> works between participants of this list and in what level of breakage
> can be tolerated.

Had there been better convergence on what "breaking email" means from
the start, we'd likely be done by now.

> Personally, relegating remote users to some other
> domain seems unacceptable.

I agree.

-andy