Eddy Nigg (StartCom Ltd.) wrote:
> Michael Ströder wrote:
>> Nelson Bolyard wrote:
>>
>>> It seems that most of the world's email users have moved away from
>>> running their own MUA programs to using webmail.
>>
>> Do you have any statistics proving this? I doubt that.
> Michael, I think that Eu
Michael Ströder wrote:
> Nelson Bolyard wrote:
>
>> It seems that most of the world's email users have moved away from
>> running their own MUA programs to using webmail.
>>
>
> Do you have any statistics proving this? I doubt that.
Michael, I think that Europe behaves quite differently tha
Daniel Dreymann wrote:
> On Dec 15, 7:04 am, Michael Ströder <[EMAIL PROTECTED]> wrote:
>> Daniel Dreymann wrote:
>>
>>> CertifiedEmail is a third- party signature system. First we accredit
>>> senders to establish wether they are good players with a good email
>>> reputation. Then, once they are a
Nelson Bolyard wrote:
>
> It seems that most of the world's email users have moved away from
> running their own MUA programs to using webmail.
Do you have any statistics proving this? I doubt that.
> It was the recognition
> of that fact that, IMO, cause MoFo to lose interest in Thunderbird.
Nelson Bolyard wrote:
> c) If webmail users are to be able to sign or decrypt mail using the
> webmail service itself, their keys must be stored by the webmail
> provider. That's a can of worms, a massive headache for the webmail
> providers that they'd rather avoid (and do). Then there's the who
Daniel Dreymann wrote, On 2007-12-15 23:52:
> On Dec 15, 11:01 pm, Nelson Bolyard <[EMAIL PROTECTED]>
> wrote:
>
>> I think not. In a world where non-signed email is discarded, and all
>> spam is signed, the verified sender identity becomes a basis for the
>> user to impose reputation filters of
Nelson Bolyard wrote:
> a) My own extended family. Years ago, I helped each and every one of
> them setup the email clients in their Netscape Communicators to work
> with their ISPs' email accounts. I did this when they transitioned from
> Netscape to Mozilla too. Today, besides me, only two of
Daniel, just a few more...
Daniel Dreymann wrote:
> OK, so we agree that an EV without reputation should NOT provide
> benefits, yes?
"EV" stands for extended validation...if this isn't a benefit than tell
me what is (yes, I know...it's called GoodMail so don't mention that)
> So, we, at Goodmai
Hi Daniel,
Daniel Dreymann wrote:
> On Dec 15, 6:45 pm, "Eddy Nigg (StartCom Ltd.)"
> <[EMAIL PROTECTED]> wrote:
>
>> Daniel, sorry to be interruptive, but let me clarify this...your system
>> has (almost) nothing to do with identity validation, signing and
>> encryption and is all about fighti
Eddy Nigg (StartCom Ltd.) wrote, On 2007-12-15 18:14:
>> It seems that most of the world's email users have moved away from
>> running their own MUA programs to using webmail.
> Oh no...now you have also fallen into this hype?
No hype. I came to this conclusion based on my own direct observa
On Dec 15, 11:01 pm, Nelson Bolyard <[EMAIL PROTECTED]>
wrote:
> I think not. In a world where non-signed email is discarded, and all
> spam is signed, the verified sender identity becomes a basis for the
> user to impose reputation filters of their own. Spam me, and I filter
> out all future em
On Dec 15, 6:45 pm, "Eddy Nigg (StartCom Ltd.)"
<[EMAIL PROTECTED]> wrote:
> Daniel, sorry to be interruptive, but let me clarify this...your system
> has (almost) nothing to do with identity validation, signing and
> encryption and is all about fighting spam. Am I correct with this
> assumption?
Daniel Dreymann wrote, On 2007-12-15 17:26:
> The token includes a hash of the message (submitted to us by the
> sender), hence each the token is unique and valid for one specific
> message only.
I see. So it's also a form of rate control, traffic shaping.
> The entire body and selected headers
Daniel, sorry to be interruptive, but let me clarify this...your system
has (almost) nothing to do with identity validation, signing and
encryption and is all about fighting spam. Am I correct with this
assumption?
Daniel Dreymann wrote:
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
Daniel Dreymann wrote:
>
> The accreditation is done once (like a CA) but, unlike a CA, we stay
> in the loop: we control usage (we dispense the tokens) and monitor
> complaints in real time (feeds from the mailbox providers) so we can
> take immediate action and shut down a compromised sender.
Li
Nelson Bolyard wrote:
> Eddy Nigg (StartCom Ltd.) wrote, On 2007-12-13 03:32:
>
>> Oh wellmaybe I'll come of with yet another standard:
>> StartComVerySecureAndGoodEVCompatibleSSL/SMIME
>>
>
> I think that's a great idea, Eddy. Now you just need to do the one
> extra thing that Goodma
On Dec 15, 3:37 pm, Nelson Bolyard <[EMAIL PROTECTED]>
wrote:
> Daniel Dreymann wrote, On 2007-12-14 14:41:
>
> > The embedded certificate is only a tool. CertifiedEmail is a third-
> > party signature system. First we accredit senders to establish wether
> > they are good players with a good email
On Dec 15, 7:04 am, Michael Ströder <[EMAIL PROTECTED]> wrote:
> Daniel Dreymann wrote:
>
> > CertifiedEmail is a third- party signature system. First we accredit
> > senders to establish wether they are good players with a good email
> > reputation. Then, once they are accredited, we certify *indi
Eddy Nigg (StartCom Ltd.) wrote, On 2007-12-13 03:32:
> Oh wellmaybe I'll come of with yet another standard:
> StartComVerySecureAndGoodEVCompatibleSSL/SMIME
I think that's a great idea, Eddy. Now you just need to do the one
extra thing that GoodmailSystems did: get the webmail providers to
Michael Ströder wrote:
> Daniel Dreymann wrote:
>
>> CertifiedEmail is a third- party signature system. First we accredit
>> senders to establish wether they are good players with a good email
>> reputation. Then, once they are accredited, we certify *individual*
>> messages,
>>
>
> But thi
Daniel Dreymann wrote, On 2007-12-14 14:41:
> The embedded certificate is only a tool. CertifiedEmail is a third-
> party signature system. First we accredit senders to establish wether
> they are good players with a good email reputation. Then, once they
> are accredited, we certify *individual*
Daniel Dreymann wrote:
>
> CertifiedEmail is a third- party signature system. First we accredit
> senders to establish wether they are good players with a good email
> reputation. Then, once they are accredited, we certify *individual*
> messages,
But this initial accreditation is done once.
> i
On Dec 13, 3:25 am, Brad Hards <[EMAIL PROTECTED]> wrote:
> Is it really "EV" equivalent? Is there really enough rigour being applied to
> make sure these people are "really nice and friendly"? How doesgoodmail
> make sure it isn't being spoofed?
The embedded certificate is only a tool. Certifie
Michael Ströder wrote:
> Arshad Noor wrote:
>
>> So, if I understand this correctly, the primary difference
>> between what this message contains and S/MIME is that they
>> chose to use a proprietary format for securing the e-mail
>> as opposed to an industry standard that has been around for
>>
Arshad Noor wrote:
>
> So, if I understand this correctly, the primary difference
> between what this message contains and S/MIME is that they
> chose to use a proprietary format for securing the e-mail
> as opposed to an industry standard that has been around for
> nearly 2 decades and is impleme
Nelson Bolyard wrote:
Maybe this is news only to me. :-)
There is something out there called Domain Signatures (I think), which
is meant to be processed by your Email ISP and converted into something
that supposedly you trust.
The push for this is the need to get 'quiet' signatures becaus
No, this is news to me too, Nelson.
So, if I understand this correctly, the primary difference
between what this message contains and S/MIME is that they
chose to use a proprietary format for securing the e-mail
as opposed to an industry standard that has been around for
nearly 2 decades and is im
Oh wellmaybe I'll come of with yet another standard:
StartComVerySecureAndGoodEVCompatibleSSL/SMIME
Please add my super secure standard to NSS and add a specially colored
UI indicator to ThunderBird and Firefox (prefered color is green). Much
appreciated.
Nelson Bolyard wrote:
> Maybe this
On Thursday 13 December 2007 09:53:51 pm Nelson Bolyard wrote:
> So, one wonders:
> - Does signed email become something only EV-eligible parties can send?
Is it really "EV" equivalent? Is there really enough rigour being applied to
make sure these people are "really nice and friendly"? How does
Maybe this is news only to me. :-)
Today I received an email from a nationally known merchant with whom I
have done a lot of business. The mail headers included a number of
things I had never seen before (shown below). A very brief examination
showed that those headers included these items, all
30 matches
Mail list logo