On 1/24/2012 11:10 PM, John Clizbe wrote: > However, testing I did a few years ago found the amount of SPAM attributable > to > a key on a keyserver was not significantly different from that received as > just > random SPAM noise from an unused ISP account.
My own experience may be worth mentioning. I had (have) an email account that's only ever mentioned in one place, on a certificate of mine. For several weeks it received no spam, and then in the space of a couple of days the spam volume was indistinguishable from any other account. My conclusion from this is once the spammers know they have a hit, they share your email address quickly. The deluge goes from "a trickle" to "a firehose" in the space of a day or two. > The same issues remain untouched just like the countless other times you've > brought up this idea. What are it specifications? Is there any support from > the > IETF OpenPGP working group? Is there an implementation of your idea? While these questions are certainly apt, I'd like to see a firm theoretical foundation for the idea. We don't have a solid theory for how to achieve MFPA's desired end. Until we do, I think all discussion about implementation is premature. Without a strong theoretical foundation, talk about blinded hashes of email addresses is sort of like talk about perpetual motion machines: yes, it would be lovely to have them, but we don't have the first clue how to do it. The burden is not on the critics of these ideas to prove they are impossible: the burden is on the advocates of these ideas to show they are possible. Casting aspersions as to the motives of critics puts one in the same ranks as cancer cure quacks who defend themselves against their critics in mainstream oncology by saying, "well, of course they want you to stay sick." _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
