ietf

Re: Google threatens to break Gmail

2015-10-26 14:04:33
On Mon, Oct 26, 2015 at 02:45:15PM -0400, John C Klensin wrote:

> > If we decide that the long-established semantics are the right
> > ones, then I think our email standards deserve to die, because
> > they don't currently work.

> Ted, I think millions of users, passing around tens or hundreds
> of millions of messages a day, would probably disagree
> with "don't currently work" or at least dismiss it as rather
> extreme hyperbole.

I'll heartily second that.  Email is not broken, rather it is
working surprisingly well, under requirements that make some
desirable security properties quite difficult to deliver.

    * Ubiquitous reach
    * Decentralized provisioning
    * Asynchronous one to many communication
    * One to one and one to many forwarding

Various "non-broken" IM systems reduce the volume of abuse by
sacrificing one or more of the key features of email.

> Now I can probably think of at least as many
> ways in which I think the functionality would be different in a
> more perfect world and the ability to positively identify a
> sender (or identify spoofed messages or message components) and
> to verify that what is received is what was sent, and to do both
> without complex arrangements (private key management by end
> users as just one example) are high on my list.

And this too, though positive identification is a rather slippery
fish in a world where domains cost close enough to $1 in bulk, and
reputable organizations continue to find novel ways to muddle their
identity through various outsourcing arrangements and rebranding
initiatives.

The bad guys can acquire a constant stream of new identities, and
the good guys shoot themselves in the foot by periodically emulating
the bad guys.  The brokenness is not a feature of email, it is
rather a feature of scale.  I correspond by email with an order of
magnitude or two more people than I contact by IM or similar.


> So, if you are going to claim that our existing standards don't
> work, I think it would be good to have a clear explanation of
> what you mean and what, precisely, doesn't work.  Of course, I
> can only hope that, contrary to your apparent claim, this
> message will reach you in spite of non-working protocols and you
> will be able to reply.

Twisting the knife may be overkill. :-)

-- 
        Viktor.