[buug] Casual Encryption

[Brian Sobolak]

Brian> In other email related news: check out Jon Udell's thoughts
Brian> about using digital IDs as a way to counteract spam.  This
Brian> (besides SpamAssasin) could be the next killer app: a
Brian> technology that doesn't just weed out spam, but prevents it.

Ian wrote:
> I will check it out, but I already have the obvious question: will
> what he proposes handle open mailing lists?

I don't see why not.  The basic principle is this: if you don't provide a certificate that I can inspect and ensure comes from a valid third party _that I trust_, I don't want to receive mail from you.  I don't have to *personally* know you, but I can place trust in Thawte, Versign, or some other authority to ensure that you have provided with credentials.

The bigger problem, beyond open mailing lists, is setting up the software infrastruture to enable this.  No webmail software that I know of supports this (hotmail? ha!) and it's a royal PITA on Outlook, which I actually tried when I had to use it on a regular basis for work.  I'd say that eliminates about 75% of users right there.  How well could you provide a certificate on your MUA of choice?

brian


--
Brian Sobolak
http://www.planetshwoop.com/
sobolak at myrealbox.com