On Mon, Dec 08, 2003 at 01:06:41PM -0800, Hallam-Baker, Phillip wrote:
|
| This is a combinatorics problem, 50 million domain names, 10 global cas if
| that. Clearly there is a reputation issue. I don't want a verisign cert with
| extensive validation to be worth no more than a bucket shop ca cert where
| the end entity is not validated beyond checkin payment clears.
|
| The real issue is whether the accreditaion system is open. If people can
| list the accreditations they have accumulated feedback filters will quickly
| converge on giving them the correct weight.
|
Validation implies revocation --- if a VeriSign customer turns out to be
a spammer, what's the punishment? Do you refuse to renew them? If the
renewal period is 1 year, they could spam for the rest of that year with
impunity.
I'm probably not seeing something obvious.
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡