A Trial Balloon to Ban Email?

Nomen Nescio nobody at dizum.com
Thu May 8 21:50:02 EDT 2003


Lauren Weinstein, founder of People for Internet Responsibility, has
come out with a new spam solution at http://www.pfir.org/tripoli-overview.

According to this proposal, the Internet email architecture would be
revamped.  Each piece of mail would include a PIT, a Payload Identity
Token, emphasis on Identity.  This would be a token certifying that you
were an Authorized Email User as judged by the authorities.  Based on
your PIT, the receiving email software could decide to reject your
email.

   It is anticipated that all Pits considered acceptable by the vast
   majority of all Tripoli-compliant software users would be digitally
   signed by one or more designated, trustworthy, third-party authorities
   who would be delegated the power to certify the validity of identity
   and other relevant information within Pits.

In other words, here comes Verisign again.

   It is anticipated that in most cases, in order for the sender of an
   e-mail message to become initially certified by a Pit Certification
   Authority (PCA), the sender would need to first formally accept
   Terms of Service (ToS) that may well prohibit the sending of spam,
   and equally importantly, would authorize the certification authority
   to "downgrade" the sender's authentication certification in the case
   of spam or other ToS violations.

Thus you have to be politically acceptable to the Powers That Be in
order to receive your license to email, aka your PIT.  And be careful
what you say or your PIT will be downgraded.

Unfortunately he doesn't discuss various crypto protocol issues:

If the PIT is just a datum, what keeps someone from stealing your PIT
and spamming with it?

If the PIT is a cert on a key, what do you sign?  The message?  What if
it gets munged in transit, as messages do?  You've just lost most of
your email reliability.

Or maybe you sign the current date/time?  Then delayed mail is dead mail.

Or maybe you respond to a challenge and sign that?  That won't work if
relays are involved, because they can't sign for you.

Spam is a problem, but it's no excuse to add more centralized
administrative control to the Internet.  Far better to go with a
decentralized solution like camram.sourceforge.net, basically a matter
of looking for hashcash in the mail headers.  This raises the cost to
spammers without significantly impacting normal users.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
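
The header check mentioned at the end of the post, as an added example that is not part of the original message or of camram's code. It assumes the hashcash version 1 stamp layout (`1:bits:date:resource:ext:rand:counter`, SHA-1) carried in an `X-Hashcash` header; the addresses, the 12-bit threshold (kept low so the sample mints instantly) and the 28-day window are constructed values.

```python
import hashlib
from datetime import datetime, timedelta
from email import message_from_string

def zero_bits(stamp):
    """Leading zero bits of SHA-1(stamp)."""
    digest = hashlib.sha1(stamp.encode()).digest()
    return 160 - int.from_bytes(digest, "big").bit_length()

def mint(resource, bits, date, salt="constructedsalt"):
    """Sender side: search for a counter giving `bits` leading zero bits."""
    counter = 0
    while True:
        stamp = f"1:{bits}:{date}:{resource}::{salt}:{counter:x}"
        if zero_bits(stamp) >= bits:
            return stamp
        counter += 1

def check_stamp(stamp, recipient, now, seen, min_bits=12, max_age_days=28):
    """Receiver side: return (accepted, reason) for one stamp."""
    stamp = stamp.strip()
    fields = stamp.split(":")
    if len(fields) != 7 or fields[0] != "1" or not fields[1].isdecimal():
        return False, "malformed"
    bits, date, resource = int(fields[1]), fields[2], fields[3]
    if bits < min_bits:
        return False, "too little work claimed"
    if resource.lower() != recipient.lower():
        return False, "minted for another recipient"
    try:
        minted = datetime.strptime(date[:6], "%y%m%d")
    except ValueError:
        return False, "bad date"
    if abs(now - minted) > timedelta(days=max_age_days):
        return False, "outside validity window"
    if zero_bits(stamp) < bits:
        return False, "insufficient work"
    if stamp in seen:  # spent-stamp set: each stamp pays for one delivery
        return False, "replayed"
    seen.add(stamp)
    return True, "ok"

def check_mail(raw, recipient, now, seen):
    """Accept the mail if any X-Hashcash header carries a valid stamp."""
    verdict = (False, "no stamp")
    for stamp in message_from_string(raw).get_all("X-Hashcash", []):
        verdict = check_stamp(stamp, recipient, now, seen)
        if verdict[0]:
            break
    return verdict
```

The stamp covers only the recipient and a date, so a body rewritten in transit or a message delayed by a few days still verifies, and no third party has to issue anything.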


