ietf-mxcomp

Re: Benefits/costs of authorizing different identities

2004-04-07 15:12:21

Jon,


a mechanism that is based on smtp is a channel mechanism.  a mechanism
that has an arbitrary smtp server needing to trust information
provided from the origin is, by definition, a chain of trust model.

JK> I think I know what you mean. If "trust" can be established *only* in that
JK> channel, then yes, you'll have a chain of trust (possibly degenerate:
JK> links, 1). If "trust" can be established otherwise (out of band), then you
JK> don't need such a chain.

correct.  typically, this is the key difference between a channel
trust mechanism versus an object trust mechanism.  the channel must
maintain trust at each step.  the object does not care how it travels.
the real trust relationship is between the end-points and independent
of the channel.

 
JK> I think you're putting the cart before the horse
JK> here, and making an unwarranted assumption. It's yet to be determined that
JK> we'd want to restrict ourselves to supporting establishment of trust (if
JK> that's what we want to call it) in-band, or that any sort of "trust" model
JK> is useful to us here.

I was not specifically lobbying for a particular choice, here.  I was
lobbying for being clear about the nature of particular proposals.




d/
--
 Dave Crocker <mailto:dcrocker(_at_)brandenburg(_dot_)com>
 Brandenburg InternetWorking <http://www.brandenburg.com>
 Sunnyvale, CA  USA <tel:+1.408.246.8253>, <fax:+1.866.358.5301>