Interesting People mailing list archives
more on TRIPOLI
From: Dave Farber <dave () farber net>
Date: Sat, 10 May 2003 18:00:19 -0400
Lauren did say it is a work in progress

djf

------ Forwarded Message
From: Tom Goltz <tgoltz () QuietSoftware com>
Date: Sat, 10 May 2003 13:08:55 -0400
To: dave () farber net
Subject: Re: [IP] TRIPOLI -- An Empowered E-Mail Environment Putting E-Mail Users in Control While Enhancing Security and Controlling Spam

At 08:02 AM 5/10/2003 -0400, you wrote:
An Empowered E-Mail Environment Putting E-Mail Users in Control While Enhancing Security and Controlling Spam
...
For Tripoli Pits to be useful resources for e-mail processing and handling, it is absolutely critical that they be certified by external, third-party certification entities. Without certification by trusted third-parties, such an authentication system would be useless since it could not be trusted to provide accurate and valid authentication data.
My biggest concern about this proposed enhancement to email is based on practical experiences with the SSL certificates used to authenticate http servers. Although none of the protocol specifications specify or endorse a particular Certificate Authority, the fact that only certain CA's are included in the web browsers used by 95% of the users has created a de-facto lock-in to a very small set of CA's.

Thanks to Verisign's purchase of Thawte Consulting, they now control over 90% of the usable CA's for SSL certificates. As a reflection of that control, annual signed SSL certificate prices have been steadily rising, from around $100/year in 1998 to over $300/year today. If you plan on using SSL for more than your http server, a server-wide set of Verisign-signed SSL certificates costs around $1,000/year. Considering that this amount represents over 60% of my total annual Internet server operations budget, it should not be surprising that I and many other small sites are electing to use self-signed SSL certificates, effectively defeating the ability of SSL to provide authentication.

How do you plan on avoiding this problem for Tripoli PIT's? If Microsoft implements Tripoli in Outlook / Outlook Express, but the only PCA they include belongs to Verisign, how are we going to avoid paying a hefty annual "email tax" to this company? While I can set my server to accept unsigned PIT's, if I want to communicate with users of Microsoft's client or server software who haven't modified the default settings, I will have little choice but to pay.

From a privacy standpoint, your proposal does not address the procedures that will be used to verify the identity of an entity requesting a PCA-signed PIT. What information is required? Is the PCA allowed or even compelled to archive this information? On what basis will this information be made available to outside parties, either individual or governmental?

How are we going to deal with stolen PIT's?
This is not a purely academic concern: The attitude in the courts appears to be that the stronger the authentication of a message or transaction, the greater the burden on someone to disprove they conducted the transaction. Compare the legal tradition surrounding credit card transactions, which are effectively unauthenticated, to that of ATM/debit transactions that are authenticated by the use of a (supposedly confidential) PIN.

As we begin to create authenticated email, we need to carefully consider the legal ramifications and how this could have a positive or negative impact on our daily lives.

Tom Goltz
(603) 594-9922

------ End of Forwarded Message