"But MOSS has so many implementation options that it is possible for two
independent developers to come up with two MOSS mailers that will actually
_NOT_ "talk" to each other."
I don't agree. The syntactic structure of a MOSS message is well defined
and there is no reason why two implementations (such as mine and TIS's)
should not happily chatter away to each other. (However, I'll be sending
Mark an encrypted message tomorrow, so we'll keep our fingers crossed
that what I've said here is proved correct!)
The only place there is a plethora of options (and I have taken these as
being options for the user to choose rather than the implementor; and so
have implemented all of them) are the eight possible ways to identify
yourself as the sender of a signed message. Some of these (especially
involving arbirtary strings) seem to offer the possibility of signed
messages that whose origin cannot be authenticated. However, a good
user agent will point out to the user the implications of any particular
signature
- this is from A(_dot_)Young(_at_)cs(_dot_)ucl(_dot_)ac(_dot_)uk and I trust
it because...
- this claims to be from A(_dot_)Young(_at_)cs(_dot_)ucl(_dot_)ac(_dot_)uk but
I can't verify
that [without such-and-such further information]
- I ain't got no clue who this one is from
and if this is done properly there should be no problem.
--
Andrew Young Work:
A(_dot_)Young(_at_)cs(_dot_)ucl(_dot_)ac(_dot_)uk
Department of Computer Science Tel: 0171 419 3688
University College London Home:
andy(_at_)pemcom(_dot_)demon(_dot_)co(_dot_)uk
Gower Street URL: http://www.cs.ucl.ac.uk/staff/A.Young
London WC1E 6BT