> | In short, in such a scheme that would be no need for whitelisting or > | blacklisting whatsoever; the system would be entirely token-based: if > | you hold a token from me (a keyword address) you can send me email. > | If all you have is my public email address, you have to get a token > | first. Whenever I want someone to send me mail (my family, my > | students, my boss, a mailing list) I issue a keyword address for that > | particular purpose. Of course, such a system would require extensive > | database/mail client support to make sure I can issue (and if > | necessary, revoke) keyword addresses quickly and to ensure that I can > | quickly sort my email based on the likely sender. > > I don't see why a database is necessary unless you're planning to revoke a > lot of addresses. What you're describing is already possible with TMDA, and > it doesn't need to store a list of issued tokens. The only odd thing about > it is to issue a challenge that contains a keyword address. >
I understand that TMDA provides this functionality: I'm suggesting a subset of TMDA's functionality, with a twist on it that does away with any need for sender verification. The database is needed to allow you to look up the party who is using a given keyword address, based on the information provided during the successful C/R that allowed that party to obtain the keyword address. (Or information I entered when creating a keyword address that I provide to parties for a specific role/communication purpose.) The former assumes that the C/R process requires that person to provide some information about themselves (could be a name, address, phone number, reason for contacting - at the very least some kind of nym for me to recognize them by.) When a keyword address is used, I'll want to know when/why/to whom either I or my mail system handed it out. That information must be stored in some kind of database. The database is also necessary to look up the keyword address to create a proper "Reply-To:" or "From:" address when sending mail to someone who's obtained a keyword address from you to make sure it's easy for them to reply. - Godmar _____________________________________________ tmda-users mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-users
