Authenticating email
Alexander Sarras
pmmail@rpglink.com
Wed, 03 May 2000 14:50:48 +0200
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, 03 May 2000 08:30:14 -0400, Jonathan B. Bayer wrote:
>>Recently there was a thread on authenticating email. Perhaps the
>>solution lies with ISPs rather than PMMail.
>
>But the same problem exists. All the ISP can do is certify that a
>message was delivered to a computer on a specific date/time. There is
>no way to verify that the computer in question was owned/controlled by
>a specific person. A user can always claim that his/her
>userid/password/encryption key/computer were stolen.
But that argument can be used for smail as well, even for some forms of
registered mail. Since a court wouldn't dismiss _that_ kind of evidence
in normal cirumstances, i cannot, by default, reject the other.
On the other hand, if I'm presented at court with such an email
(tampered, but originally send by me) I'd swear: _That_ letter was not
written by me, and it'd be perfectly legal, as far as I understand
this. Still, neiter do I live in the USA nor am I willing to depend on
court rulings....
626 ;->
SaS
-----BEGIN PGP SIGNATURE-----
Version: PGPsdk version 1.7.1 (C) 1997-1999 Network Associates, Inc. und Tochtergesellschaften.
iQA/AwUBORASmJz3fWsdBbz+EQJYYACg6tMgqaXACAPZT4cinXQetkIs4CMAnjX2
42zdWEGWNQ7JmezhPQufe0du
=62vi
-----END PGP SIGNATURE-----