Re: Proposal to define a simple architecture to differentiate legitimate

On Sat, 06 Sep 2003 23:07:44 EDT, Valdis(_dot_)Kletnieks(_at_)vt(_dot_)edu said:

> And as I pointed out, you'll need to create 30,000, because one account 
> doesn't
> allow you to keep track of who has already seen what messages.  And no, you're
> *NOT* allowed to just say "everybody can fetch all the UIDLs and we'll just 
> tag
> them with the subscriber ID" - go read and *UNDERSTAND* section 6.2 of RFC2298
> in order to understand why.
Another reason why you need unique userid/logins for each subscriber - so that
you can prevent forging a UIDL for somebody else to keep them from reading the
message.  Being able to do this (and if you have a shared userid, it's almost
impossible to prevent) would make the Bernstein/Bush flamefest regarding list
censorship look trivial in comparison...

Oh... there's also this thing called "webmail".  Lots of people use them so 
they can
get mail no matter where they are.  Lots of these people will be fundamentally 
stuck
under your proposal, because every time they used a kiosk they'd have to enter
in all 20-30-40 POP servers they had mailing lists on.  Surprisingly enough,
hotmail.com and yahoo.com have a lot of subscribers, you might want to factor
that into your plan....

pgpzjXIjpm5AT.pgp
Description: PGP signature