A Trial Balloon to Ban Email?

Eric Murray ericm at lne.com
Fri May 9 13:17:54 EDT 2003 

On Fri, May 09, 2003 at 03:50:02AM +0200, Nomen Nescio wrote:
> Lauren Weinstein, founder of People for Internet Responsibility, has
> come out with a new spam solution at http://www.pfir.org/tripoli-overview.

[deletia]

 
> Thus you have to be politically acceptable to the Powers That Be in
> order to receive your license to email, aka your PIT.  And be careful
> what you say or your PIT will be downgraded.


Weinsteins proposal is DOA because of the centralized control and the
lack of anonymity (oh, but Pit issuers may issue special anonymous certs
to "applicants with special needs for identity protection (e.g., human
rights groups operating in "hostile" areas, etc.)".  Right.)
The people like us who would implement it won't.

But it's technically possible.  The technological issues are the
easy part.   Creating a new email system is one thing, getting people
to use it is another.  This idea is pretty unrealistic...  sort of the
Underpants Gnomes plan for ridding the world of spam:

1. create completely new parallel email system
2. ???
3. no more spam!


> Unfortunately he doesn't discuss various crypto protocol issues:
> 
> If the PIT is just a datum, what keeps someone from stealing your PIT
> and spams with it?
> 
> If the PIT is a cert on a key, what do you sign?  The message?  What if
> it gets munged in transit, as messages do?  You've just lost most of
> your email reliability.
> 
> Or maybe you sign the current date/time?  Then delayed mail is dead mail.
> 
> Or maybe you respond to a challenge and sign that?  That won't work if
> relays are involved, because they can't sign for you.

I read it as the Pit is a signature over the Pit contents
and the email.   It'd include the certs needed to authenticate
to the appropriate CA.  A PKCS#7 detached signature or
similar structure would work fine.

The crypto part is the one part that's easy.

> Spam is a problem, but it's no excuse to add more centralized
> administrative control to the Internet.  Far better to go with a
> decentralized solution like camram.sourceforge.net, basically a matter
> of looking for hashcash in the mail headers.  This raises the cost to
> spammers without significantly impacting normal users.

See the 'getting people to use it' argument above.
Solve that and any of 20 different technical solutions would work.


Eric


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list