-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 John -
I think that PGP signing all outgoing email is a great step at providing a level of authentication and validation for non-secure-channel communications. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlP08C4ACgkQlZlwDwi+7aiOawCgsR1wcbMRql7s27u1rsdOivq8 xTsAmwXsdzlQtlHtLwe4ltyN1fJ/QtwM =JEUg -----END PGP SIGNATURE----- -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of John Curran Sent: Wednesday, August 20, 2014 10:09 AM To: Ted Mittelstaedt Cc: [email protected] Subject: Re: [arin-ppml] Access to list of Number Resources with no valid POCs On Aug 20, 2014, at 12:24 PM, Ted Mittelstaedt <[email protected]> wrote: > > Hi John, > > Embedded URLs are not really the problem - the problem is > MIME-encoded email and HTML-encoded email that have the embedded URLs. > > If you are sending clickable URLs out in pure ASCII (text) emails > then there isn't any problem. The fact is that many email clients > when they see URL's in ASCII mail will make them "clickable" A pure > text email cannot hide a different URL behind one URL. > > In an ideal world the URL would not exist in the email, because including it > helps to legitimize the practice. > > But in practicality the most important thing is getting validation > that the email address is being read by a human being, and the > embedded URL does accomplish that. It may also be that the > destination email address is something like "[email protected]" > and is being forwarded to a recipient who's knee-jerk Reply would be > to send the reply with a different senders address than what you > emailed to. (which might complicate parsing the replies) > > Since your getting significant returns on the clicks then you should > continue to use them - but my vote would be to ONLY use them in TEXT > emails. > > I know that sending pure text emails is out of fashion - since that > precludes people putting in all kinds of fancy logos and formatting > which they believe are necessary to the continuation of the species - > but us old timers were formatting ASCII-only email since before most > of the young whippersnappers out there were in diapers. ;-) Ted - Point taken (and I am a huge fan of plain text email :-)... I will look into any downsides to this approach and report back to the list. Curious, would it help if ARIN pgp-signs the verification message with our [email protected] account? Does this change the requirement for plain text email? Thanks! /John John Curran President and CEO ARIN _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List ([email protected]). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact [email protected] if you experience any issues. _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List ([email protected]). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact [email protected] if you experience any issues.
