Amir Herzberg
Sun, 01 Dec 2002 09:10:19 -0800
Cryptographically, the solution they (AuthentiDate) offer is basic: timestamping and authentication (non-repudiated origin identification) by a single trusted authority (USPO). I hope it's well implemented and that it would succeed; it can definitely provide a substantial advantage over current e-mail...
I don't think it can help much as solution against spamming, by itself: people will use timestamped mail only when needed, which means you can't filter out all non-timestamped mail. Of course it could help as a mechanisms to filter out new correspondants, if used together with appropriate mechanism for identifying known recipients, which seems to me the right way to handle spam. Two points worth imporving: 1. Their scheme uses a single authority. It would be better to allow use of multiple authorities for reliability, security, and competition (Ok, maybe AuthentiDate as a company prefers to have only one service...) 2. They offer only non-repudiation of origin; it's a pity they don't offer also non-repudiation of submission, this could be really useful certified-mail feature for B2B. The protocols required are not much more complex (see e.g. my recent work http://eprint.iacr.org/2002/084/). Regards, Amir Herzberg http://amir.herzberg.name > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] On Behalf Of R. > A. Hettinga > Sent: Wednesday, November 27, 2002 5:07 PM > To: Digital Bearer Settlement List; [EMAIL PROTECTED] > Subject: 'E-postmark' gives stamp of approval > > > >http://seattletimes.nwsource.com/cgi-bin/PrintStory.pl?document_id=3D134580416&zsection_id=3D268448455&slug=3Dcomdex21&date=3D>20021121 > ... --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]