Under this proposed law, will ISPs have to scan *all* SMTP traffic and record the envelope, or only the traffic for which they actually do SMTP forwarding? If the latter is the case, we can simply go back to the original end-to-end SMTP delivery model; no POP/IMAP or any of that stuff. If the former is the case, well, so long as they don't outlaw crypto, ISPs can't sniff SMTP going over IPsec, now, can they?
Of course, outlawing crypto or declaring that anyone who terminates an SMTP connection, including end-users, is considered an ISP for the purposes of the law solves their problem. /ji --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]