On 9/7/2014 7:54 AM, Pete Resnick wrote:
> On 9/7/14 11:09 AM, Dave Crocker wrote:
> Signatures, just like encryption, are part of cryptography. If you are
> doing cryptography (in the way we normally do so for e2e encryption),

At the level of "if you can get keys you can do either", sure. Arguably the nature of the trust assessment issues is different for the two, but that could get esoteric.

>> So you want to eliminate anonymous communications? Anonymity has
>> historical importance for some kinds of communication.
>
> Pseudonymity (i.e., a signature that is not attached to a particular
> human identity) may be sufficient for most cases.

Might. Might not. We have little operational experience with some of these constructs in the practical world.

I'm pushing back about all this because we need much more cautious language about the efficacy and risks of these approaches. In effect, I suggest approaches be characterized as (potentially) useful options, rather than likely or certain "solutions". Given the way these topics tend to be discussed, that distinction is fundamental.

> Doing so would still
> require a prior-to-real-communication step of me allowing that signature
> into my whitelist/contact list/whatever. For my personal email, I am
> perfectly willing to say,

You (and I and everyone else on this list) are not representative users. Most of the human factors experience in this realm is that average users don't appreciate the extra hassle and don't perform well with the additional tasks. So if you want these mechanisms to scale, they require thinking very differently about end-user load.

>> My point is not that signing is bad or checking against address books is
>> bad, but that mandating such things constrains legitimate communication
>> in important ways.
>
> Let's not miss the point that we are *currently* constraining legitimate
> communication in important ways, as my weekly hunt through my spam
> folder and my occasional out-of-band, "Why did my mail bounce?"
> complaint amply demonstrate. I choose my tradeoffs, I get the advantages
> and disadvantages of those tradeoffs.

You haven't heard me suggest maintaining the technical or operational status quo and ignoring the problem, nevermind the amount of time I spend in the world of m3aawg.org and more recently Levison's effort.

Again, my concern is ensuring adequate caution about unintended (as well as intended) consequences. The very consistent tendency of folk making proposals in this space is to be quite cavalier about the human communication downsides from imposing excessive constraints.

d/

--
Dave Crocker
Brandenburg InternetWorking
bbiw.net

_______________________________________________
Endymail mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/endymail
