Folks,
Thanks for the diverse and interesting feedback. I'm replying to
each message off-list, not to burden the entire ietf.org
discussions. I'm also collecting all comments for an Internet
draft to be submitted to the IETF. If you have further comments,
I suggest you send them to me privately. I'll post here a URL
for the draft text, and comments, before the draft is submitted.
The motivation for this work is that, today, email is still the
equivalent of sending and receiving postcards. Open for anyone
("friends" and foes alike) to read and even write on them. In
the postal mail paradigm this is indeed useful ... but only for
trivial messages between friends.
Someday, however, users will want to stop using postcards for all
their electronic conversations. At that time, at zero added cost,
we can easily introduce a mandatory per-message burden to spammers
and make it backward compatible (so that we don't disrupt anything).
The proposal points out that both goals (privacy and anti-spam) can
be served not with signing but with encryption (even though, as an
add on, signing may also help).
Of course, there will always be those who want to use postcards for
their communication and that's why current postcard email should
be preserved in any proposal to make email private.
Cheers,
Ed Gerck