spf-discuss

Re: SRS in .forward and reversing in /etc/aliases

2004-02-18 11:14:04
Shevek <spf(_at_)anarres(_dot_)org> [2004-02-18/15:33]:
> > Each user will handle (know?) the secrets?
>
> In this particular instantiation, yes. It may be possible to create an
> SRS wrapper which knows the secret, but which is not readable to the
> user. The user generally gains nothing from either knowing or selling
> the secret, so this probably isn't important. (Since it's inevitably
> going to be asked:) If the user is a spammer, then ... why do you have
> a spammer as a user? Throw him off.

There's one problem with this reasoning: you might not know that he is a
spammer. When a local user spams from his account, it can be tracked
back to him. If a local user abuses the SRS secret for spamming, it
cannot be tracked back to him. This is a huge difference. Schemes in
which the user knows the SRS secret can only be used on small servers
with a very limited user base, but never for "real world" systems where
you arguably must not trust local users.

Cheers,
Dan

-- 
Daniel Roethlisberger <daniel(_at_)roe(_dot_)ch>
GnuPG key ID 0x804A06B1 (DSA/ElGamal)
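
Added example, not part of the original message and not code from any SRS implementation: a simplified SRS0-style rewrite showing that an address minted under a shared secret carries no trace of which local user produced it, while a wrapper that keeps the secret to itself can log the caller. The hash layout, the `SrsWrapper` class, the secret, the addresses and the uid are assumptions constructed for illustration.

```python
import base64, hashlib, hmac

B32 = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"
SECRET = b"constructed-demo-secret"   # constructed sample value

def srs_timestamp(day):
    """Day number modulo 1024, written as two base32 characters."""
    day %= 1024
    return B32[day >> 5] + B32[day & 31]

def srs_hash(secret, ts, host, user):
    # Simplified: HMAC-SHA1 over the lowercased fields, first 4 base64 chars.
    msg = (ts + host + user).lower().encode()
    digest = hmac.new(secret, msg, hashlib.sha1).digest()
    return base64.b64encode(digest).decode()[:4]

def srs_forward(secret, sender, forwarder, day):
    user, host = sender.rsplit("@", 1)
    ts = srs_timestamp(day)
    return f"SRS0={srs_hash(secret, ts, host, user)}={ts}={host}={user}@{forwarder}"

def srs_reverse(secret, address):
    local = address.rsplit("@", 1)[0]
    tag, mac, ts, host, user = local.split("=", 4)
    expected = srs_hash(secret, ts, host, user)
    if tag != "SRS0" or not hmac.compare_digest(mac.encode(), expected.encode()):
        raise ValueError("SRS hash check failed")
    return f"{user}@{host}"

class SrsWrapper:
    """Hypothetical wrapper: keeps the secret private, logs the calling uid."""
    def __init__(self, secret):
        self._secret = secret
        self.audit = []          # (uid, address) pairs, kept server-side

    def forward(self, uid, sender, forwarder, day):
        address = srs_forward(self._secret, sender, forwarder, day)
        self.audit.append((uid, address))
        return address

if __name__ == "__main__":
    # Two local users who both know the secret mint the same address.
    by_alice = srs_forward(SECRET, "bob@example.org", "fwd.example.net", 12464)
    by_carol = srs_forward(SECRET, "bob@example.org", "fwd.example.net", 12464)
    print(by_alice == by_carol, srs_reverse(SECRET, by_alice))
    # With the wrapper, the same address is tied to a uid in the audit log.
    wrapper = SrsWrapper(SECRET)
    wrapper.forward(1001, "bob@example.org", "fwd.example.net", 12464)
    print(wrapper.audit)
```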