[Asrg] Authentication tokens

>> Authentication tokens typically require special software
> provisions on the part of both the sender and the recipient.

> You're new to the list and thus have probably missed some of the
earlier discussion. 

Indeed, and thanks for understanding that.  :-)

> While authentication tokens *typically* require
software support at both sender and receiver, there is a class of them
that only requires software support on the receiver side. These are the
"single user" addresses. I might, for instance, create an address that
authorized you to send me mail. Such an address would look something
like: "bob+1092837@example.com". The "token" part of this address would
be a hash of your "From:" address. With such an address, you don't need
any software on your side to pass the token.

The first problem I see with that is that you basically cannot give your E-mail 
address to anybody without 

 a) knowing EXACTLY what E-mail address they'll be replying from, and

 b) being able to compute on-the-spot the hashcode they'll need to write you.

Besides the issue of TWO users in such situation trying to decide what E-mail 
address to give the other (where EACH's E-mail address will depend on the 
other's address... and neither can give their E-mail address first!) there's 
also (for instance) the case of a mailing list like this one... where each 
person's E-mail address they use for subscribing to the list will appear in the 
messages posted to the list, but nobody other than the listbot can possibly 
reply to them using that address.

While an interesting curiosity, I think that has a lot more problems than my 
permissions-based approach.

Now, one POSSIBLE hybrid that COULD be interesting maybe is to say that E-mail 
arriving without the code token in the E-mail address would be handled 
differently somehow with regard to the permissions list... although at first 
blush, I don't see that it buys you a whole lot that you don't already get from 
just using the sender/recipient address pair to begin with.

>> The whitelist I propose NEVER needs to be sent to anybody,
> ... only just the point where the filtering is done.

>	Even if never sent to anyone, there is still a privacy concern
with whitelists since if they are explicit lists, they provide a single
list of all of your correspondents. 

Actually, they ONLY provide a list of those to whom you have assigned "special" 
rights.  

ISP's e-mail logs ALREADY give those ISPs a list of everyone you've ever 
received mail from, or sent mail to, so I think your argument doesn't really 
impress me very much.

> In many cases, people will feel that
compiling such a list is a risk to their privacy since such a list would
be open to inspection by government agencies under some circumstances
and to employees of an ISP if the list is maintained remotely. 

Again, a red herring... those logs (lists) already exist.

> Even if only maintained on your personal machine, it could be embarrassing if
people with physical access to your machine could discover the full
universe of your correspondents.

They could do the same thing (with access to your machine) by investigating your 
E-mail archives and address book.  Far (far!!) more revealing than ANY mere list 
of trusted senders and the permissions assigned to each.

Gordon Peterson                  http://personal.terabites.com/
1977-2002  Twenty-fifth anniversary year of Local Area Networking!
Support the Anti-SPAM Amendment!  Join at http://www.cauce.org/
12/19/98: Partisan Republicans scornfully ignore the voters they "represent".
12/09/00: the date the Republican Party took down democracy in America.

_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg