Re: Authentication and email

["James Kempf" <kempf@docomolabs-usa.com>]

> At 5:15 PM +0200 1/28/03, Gonzalo Camarillo wrote:
> >And after giving them those speeches, we come back "home" to the IETF
> >and say that email security is undoable for our mailing lists for some
> >reason... it seems that MUSTs, SHOULDs and security considerations
> >sections do not apply to us ;o)
>
> This is an absurd argument. The security you are trying to achieve in
> 3GPP is completely unrelated to spam prevention.
>
>

I would more characterize it as a category error.

IMHO, spam reduction has more to do with economics. As long as sending millions
of unsolicited emails is cheap, the arms race between spam filters and spammers
will continue.

As evidence in a similar area, compare the volume of junk mail received by
people in Europe compared to the US. Postal rates in Germany are about 3 to 5
times what they are in the US for the equivalent class and distance. My
brother-in-law, who lives in Nuerenberg, receives almost no junk mail. In
contrast, I was receiving on the average about 10 credit card solicitations a
week last fall, in addition to assorted other garbage. Over the holidays, the
volume of credit card solicitations went to zero, but it has gone back up to 3
this week.

However, I don't think there is a clean technical solution to this problem, like
"use PGP" or "use S/MIME".

                jak