Authenticating email
Kris Sorem Sr
pmmail@rpglink.com
Sat, 06 May 2000 09:07:31 -0700 (PDT)
On Wed, 03 May 2000 09:02:11 -0400, Jonathan B. Bayer wrote:
>At least with registered smail, the mailman gets a human signature.
>Yes, it can be forged, yes, it may not be the same person. But at
>least there is some physical evidence which can be used for
>authentication purposes. If someone swears they didn't receive
>something, and the PO supplies a signature, the police can compare
>signatures to see if it belongs to the person or not. Not perfect, but
>still understandable to most people.
The technology for this concept has been (or is being) developed. Intel
created the /processor ID/ that privacy issue advocates fought against. It
provides for the equivalent of a smail address. Credit card/ATM companies
are developing /thumb scan/ verification to replace signature. Thus a
/certified/ email would be - an email sent to a specific processor after
receiving a thumb scan verification. /Registered/ email would be - email
sent to a specific processor after receiving a thumb scan verification and
the email is encrypted or locked by digital key. ISP could send
notification of certified or registered email that notified you who sent
it and when while still delivering all other email.
Don't look for this anytime soon. There are too many exploitation issues
to be worked out before it would be accepted. For instance, that only a
POP/IMAP server could request the processor ID (to block web tracking).
--
/s/~Kris <norseman@humboldt1.com>
-------------------------------+---------------------------------------------