On Wed, Jun 22, 2022 at 11:44 AM John Levine wrote: > If you want reliable identification of the sender, tell them to sign the > messages with S/MIME or PGP. We already know how to do that.
That's half the problem. We need a substitute for a PKI. > Trusted notifier schemes exist and work to some extent but they have > the usual problems of managing reputation at scale, and that any group > of people large enough to be interesting includes people who shouldn't > be there. That's true, and the current state of affairs. The proposal gives traceability to the sender. Right now, afaik, the only way to trace a sender is by IP. It's a bit like biometrics: you can't cancel your IP, but you can cancel a cert. Rob
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
