On Thu, 3 Aug 2000, Howard Lowndes wrote:
> Jamie,
>
> <humour>
>
> I can see a number of problems with your concept, though I concede
> that
> there is a burning need.
>
> Spammers are unscrupulous and would somehow manage to get themselves
> "signed" in any case.
>
> Are you going to allow anyone to issue a CA or just the Verisign,
> Thwaites, etc.
I don't imagine a single server, or even single centralised authority.
Imagine more the game of 'six degrees of separation' : I know
Joe, who knows Bill, who knows Sue. Take it further, I trust John,
who trusts Joan. Or Betty is my aunt, who has a niece Dot.
This can be used to establish trust. But the trust is seen from
your point of view.
> What will you do about unverified mail that is genuine. It has to be an
> "everyone in" environment otherwise it just won't work.
Yes and no. Imagine I accept bulk junk mail, but it has to come from
a member of the 'ethical junk mail society'. (Not that hard to imagine,
they donate 5c per email to a worthy charity).
As the system gets up and running, of course you would
still accept any mail. But there are other benefits to belonging,
payment systems, etc.
> What if I am a cyberpariah and no one will sign my authentication, even
> though I might have noble motives.
(Note my wording is wrong. This is a little different to authentication,
it is actually assigning trust).
How did you get that way? By acting irresonsibly without due
consideration to others. How do you redeem yourself? By acting
in a socially acceptable way.
Miss Manners could tell you that :)
There would still have to be lots of opportunities to interact
in unauthenticated ways.
Good points, Howard. Even though I'm arguing against them, I'm not doing
it effectively :)
Jamie
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
