On 2-feb-04, at 0:47, Jari Arkko wrote:
> I think the hard question is what level of "authentication" to require.
> I am pretty sure 99.99% of users want better protection against spoofed
> addresses than we currently have. But I am not sure they are willing to
> go as far as mandating a global PKI of all e-mail users. So what's
> left, then?

Per-user strong authentication already exists in PGP and S/MIME. No
need to reinvent the wheel, especially as it seems most people seem to
be able to live without this feature today.

Another approach would be to authenticate servers, and trust servers to
authenticate their users. Since there are orders of magnitude fewer
servers than users, and unlike users, servers are typically reachable
24/7, this makes the whole key distribution problem much easier to
handle. Anyone feel it is unreasonable to force people who want to run
their own server to get a certificate for it? (Assuming a selection of
roots, no VeriSign lock-in of course.)

A third approach would be return routability. This is a simple
verification procedure that's implied in protocols like TCP and
explicitly used in protocols such as mobility for IPv6. This could work
as follows: when X has a message for Y, X contacts Y and says "I have a
message for you from a@x with message id 23, come get it when you're
ready" and then Y gets to think about this for a while and finally
initiate a session towards X and request the message.
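
The return-routability exchange described in the message above, modelled as an added example that is not part of the original post or of any real mail protocol. All class and method names are hypothetical, and it assumes Y finds the server for the claimed sender's domain through its own lookup (the `directory` dict stands in for something like DNS).

```python
# Constructed model of the callback exchange; names and data are hypothetical.

class SendingServer:
    """X: holds outgoing mail until the recipient's server comes to fetch it."""
    def __init__(self, domain):
        self.domain = domain
        self.outbox = {}  # message id -> (sender, body)

    def queue(self, msg_id, sender, body):
        self.outbox[msg_id] = (sender, body)

    def announce(self, msg_id, sender):
        # "I have a message for you from <sender> with message id <id>"
        return {"sender": sender, "msg_id": msg_id}

    def fetch(self, msg_id, sender):
        # Hand over a body only if this server really queued it for that sender.
        entry = self.outbox.get(msg_id)
        return entry[1] if entry and entry[0] == sender else None


class ReceivingServer:
    """Y: never takes the body from the connection that made the announcement."""
    def __init__(self, directory):
        self.directory = directory  # assumption: domain -> server, resolved by Y itself
        self.inbox = []

    def on_announce(self, notice):
        domain = notice["sender"].rpartition("@")[2]
        origin = self.directory.get(domain)  # where the claimed sender's mail lives
        if origin is None:
            return False
        body = origin.fetch(notice["msg_id"], notice["sender"])  # session towards X
        if body is None:
            return False  # the real server for that domain knows nothing about it
        self.inbox.append((notice["sender"], body))
        return True


def demo():
    x = SendingServer("x.example")
    other = SendingServer("other.example")
    y = ReceivingServer({"x.example": x, "other.example": other})
    x.queue(23, "a@x.example", "hello")
    genuine = y.on_announce(x.announce(23, "a@x.example"))
    # A different server announces mail under a sender address at x.example.
    other.queue(99, "a@x.example", "forged")
    forged = y.on_announce(other.announce(99, "a@x.example"))
    return genuine, forged, y.inbox
```

The second announcement fails because Y's callback goes to the server for `x.example`, which never queued message 99.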