> Please terminate this sub-thread. It has many years of wasted history > on many mailing lists. > > Really. The script this thread will follow has been run so many times, > the pages are tattered.
Dave, I am well aware of past discussions, but something has changed. We can certainly agree that server-to-server encryption is not the best way to provide end-to-end authentication or confidentiality of messages. However, if I was running a spying system and if I was in the business of collecting meta-data, I would love looking at unencrypted SMTP traffic. Suppose that I tap a number of big Internet pipe, at exchanges or on the path to big servers. I can filter out the SMTP traffic with not much effort. Even if the poor schmucks are using PGP or S-MIME, I will be able to read the entire set of RFC-822 headers in clear-text. I can use that to create a database of who sends e-mail to whom, and pretty soon I will have a good idea of the "social network." If I was running such a system, I would hate to see SMTP traffic becoming encrypted. In the past, we did not suspect that someone would run such a system. We were probably naïve. -- Christian Huitema _______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
