On 08/31/2013 02:53 PM, John Kelsey wrote:
I think it makes sense to separate out the user-level view of what happens.
True. I shouldn't have muddied up user-side view with notes about
packet forwarding, mixing, cover traffic, and domain lookup, etc.
Some users (I think) will want to know
Some comments, only.
On 30/08/13 11:11 AM, Ray Dillinger wrote:
Okay...
User-side spec:
1. An email address is a short string freely chosen by the email user.
It is subject to the constraint that it must not match anyone else's
email address, but may (and should) be pronounceable
I think it makes sense to separate out the user-level view of what happens (the
first five or six points) from how it's implemented (the last few points, and
any other implementation discussions). In order for security to be usable, the
user needs to know what he is being promised by the
Okay...
User-side spec:
1. An email address is a short string freely chosen by the email user.
It is subject to the constraint that it must not match anyone else's
email address, but may (and should) be pronounceable in ordinary language
and writable with the same character set
On Fri, 30 Aug 2013, Ray Dillinger wrote:
3. When an email user gets an email, s/he is absolutely sure that it comes
from the person who holds the email address listed in its from line.
S/he may or may not have any clue who that person is. S/he is also
sure that no one else has
On 08/30/2013 01:52 PM, Jonathan Thornburg wrote:
On Fri, 30 Aug 2013, Ray Dillinger wrote:
3. When an email user gets an email, s/he is absolutely sure that it comes
from the person who holds the email address listed in its from line.
S/he may or may not have any clue who that