[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: more on starttls, gnutls-cli and using tls for mail
From: |
Stephen J. Turnbull |
Subject: |
Re: more on starttls, gnutls-cli and using tls for mail |
Date: |
Thu, 18 Aug 2011 12:11:14 +0900 |
Tim Cross writes:
> Thanks Karl. It seems there are use cases for using different
> authenticated users based on the from/reply address being used.
> However, it should be noted that this is not due to any requirement
> or limitation of smtp
Lack of a standard authentication method *is* the limitation of
email-as-we-know-it. As Chad points out, there are various standards
available, but SMTP itself knows about none of them, and therefore
none are reliably available.
There is a fundamental requirement of email-as-we-know-it, that it be
a way for any dog on the Internet to get in touch with you. (This is
why Karl and Chad have so many addresses: "address@hidden" means
nothing to most latent correspondents, while "address@hidden"
does, to some fraction that Karl cares about.) On the other hand, the
fact that among the dogs is Dogbert (aka Canter/Seigel et al, not to
mention even less lovable folk such as stalkers) means that private
mailboxes are widely desired.
Lack of a standard authentication method *at the receiving end* means
that there's no single way to identify mail from expected senders at
your *private* mailbox. Lack of a standard authentication method *at
the sending end* means there's no way to guarantee you'll be
recognized by the recipient's private mailbox. So there's no way to
implement reliable private mailboxes. Not even security-via-obscurity
works because your ISP may filter, *must filter*, based on something
other than sender credentials.
It should be obvious that users will evolve complex, *idiosyncratic*
methods to deal with this complex environment, as recipients and
senders implement a variety of partially coordinated solutions to the
problem of protecting mailbox privacy where desired.
I don't know whether this means that smtp-auth-credentials is needed
to implement such methods (presumably not, Are We Not Hackers?), but
I'm a bit surprised that a project sufficiently conservative about
email that RMail is its default MUA didn't follow the usual process of
obsolete'ing the variable before, uh, jerking the rug out from under
people's .emacs'es.
- Re: more on starttls, gnutls-cli and using tls for mail, (continued)
- Re: more on starttls, gnutls-cli and using tls for mail, Leo, 2011/08/14
- Re: more on starttls, gnutls-cli and using tls for mail, Vijay Lakshminarayanan, 2011/08/14
- Re: more on starttls, gnutls-cli and using tls for mail, Leo, 2011/08/15
- Re: more on starttls, gnutls-cli and using tls for mail, Vijay Lakshminarayanan, 2011/08/15
- Re: more on starttls, gnutls-cli and using tls for mail, Tim Cross, 2011/08/15
- Re: more on starttls, gnutls-cli and using tls for mail, Vijay Lakshminarayanan, 2011/08/15
- Re: more on starttls, gnutls-cli and using tls for mail, Tim Cross, 2011/08/16
- Re: more on starttls, gnutls-cli and using tls for mail, Karl Fogel, 2011/08/17
- Re: more on starttls, gnutls-cli and using tls for mail, Tim Cross, 2011/08/17
- Re: more on starttls, gnutls-cli and using tls for mail, chad, 2011/08/17
- Re: more on starttls, gnutls-cli and using tls for mail,
Stephen J. Turnbull <=
- Re: more on starttls, gnutls-cli and using tls for mail, Vijay Lakshminarayanan, 2011/08/17
- Re: more on starttls, gnutls-cli and using tls for mail, Richard Riley, 2011/08/15
- Re: more on starttls, gnutls-cli and using tls for mail, David Engster, 2011/08/15
- Re: more on starttls, gnutls-cli and using tls for mail, Tim Cross, 2011/08/16
- Re: more on starttls, gnutls-cli and using tls for mail, David Engster, 2011/08/17
- Re: more on starttls, gnutls-cli and using tls for mail, Dimitri Fontaine, 2011/08/15
- Re: more on starttls, gnutls-cli and using tls for mail, Leo, 2011/08/16
- Re: more on starttls, gnutls-cli and using tls for mail, Dimitri Fontaine, 2011/08/16
- Re: more on starttls, gnutls-cli and using tls for mail, Tim Cross, 2011/08/16
- Re: more on starttls, gnutls-cli and using tls for mail, Richard Riley, 2011/08/16