[Top] [All Lists]

Re: [ietf-smtp] [Shutup] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)

2015-12-01 16:51:38

On 01/12/15 18:21, Chris Lewis wrote:

On the other hand, we can see that that the lack of that information
presents difficulties to filtering technologies.  When you get a
series of harassing emails from a given site originating from a given
user that's forging from lines and mutating content, you have nothing
concrete to filter on to distinguish it from other email from the same

If you assume the MSA in that case isn't rogue, then there are
a variety of options that could be used in place of the actual
IP address that would have better privacy properties without
being particularly onerous on anyone. For example one could
imagine replacing the MUA IP address value in a Received header
field with something like E(k-epoch, MUA-IP-address) where
k-epoch is some key that changes now and then, perhaps in a
way that requires very little state in the MSA.

The point (for now) is not to recommend that the above be
done but just to note that there are other options that may
not have been considered in the past. Or maybe they were but
the reasonable trade-offs have changed.


Attachment: signature.asc
Description: OpenPGP digital signature

ietf-smtp mailing list
<Prev in Thread] Current Thread [Next in Thread>