[Top] [All Lists]

Re: Rethinking Receipt

1998-04-15 13:06:34
From: Paul Hoffman / IMC <phoffman(_at_)imc(_dot_)org>

ESS-style receipts are different than either of these.

  I'm not up to speed on DSNs and MDNs, so forgive me for the
possibly stupid question:

DSN: server-to-server notification of transit
MDN: human recipient tells sender what he did with the message
ESS Receipt: UA-to-UA notification that sender's signature verified
reply: user does a reply-to email or news

Assuming all four of the above message types use integrity and
  authentication protection provided by CMS/ESS,
and assuming that all four have a requirement to provide an integrity-
  protected link from the response back to the original message it is
  responding to,
then why do you regard using an ESS SignedContentReference (or
eSSSecurityReceipt) a layering violation for some of the message types
(DSNs/MDNs) and not for others (ESS Receipts)?

How about the reply case, where the user wants to say "I agree with
your proposal" and wants to guarantee that his reply is unambiguous
without including the entire original text in the reply?

Dave Kemp

<Prev in Thread] Current Thread [Next in Thread>