----- Original Message -----
From: "Dave Crocker" <dhc(_at_)dcrocker(_dot_)net>
To: "Doug Royer" <Doug(_at_)Royer(_dot_)com>
Cc: <ietf-mxcomp(_at_)imc(_dot_)org>
Sent: Monday, April 05, 2004 3:13 PM
Subject: Re: Benefits/costs of authorizing different identities
My own, very strong belief, is that chain of trust cannot work across
the open Internet, farther back than a peer network administration. I
can probably be convinced to trust my neighbor, but my trusting
_their_ neighbor is pretty unlikely.
It might depend on what your neighbor looks like and what he is doing, i.e.
"Profiling."
I poise this exact Profile/Trust survey to our customers.
Given a delivered letter to your mail box, which of the following
will you place the most scrunity?
1) A person with a uniform (recognized sender) and truck (recognized
machine)?
2) A person with no uniform but with a truck?
3) A person with no uniform and no truck? (possibly a neighbor)
What I was trying to get out of this is the position viewpoints for a
stronger "client/server" software relationship in order to build the trust
in the automated delivery process.
Obviously, most people said higher scrunity will be placed on "things" you
don't recognize. But many also pointed out that there are many places
where:
a) Rural or small towns postal services don't have uniforms or even
trucks,
b) They might be uniformed but use their own cars, and
c) They might deliver mail using the postal truck on their way home from
work.
I'm an old city boy so I'm use to the uniformed postman. I have no reason
not to trust him delivering mail. But if I see someone else, that is an
instant red flag.
The point being is that "profiling" is important in today's world. Until
we make the client/server negotiation phase stronger, we will beating our
heads on this problem for a long time.
Just my opinion, of course. You guys are smarter than me :-)
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com