From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: <0709ac44e3c21cc35b75d8f441aca754@plan9.bell-labs.com> From: David Presotto To: 9fans@cse.psu.edu Subject: Re: [9fans] ISP filtering - update In-Reply-To: <20030926140924.M19995@cackle.proxima.alt.za> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Date: Fri, 26 Sep 2003 08:21:51 -0400 Topicbox-Message-UUID: 4f58f92a-eacc-11e9-9e20-41e7f4b1d025 On Fri Sep 26 08:15:58 EDT 2003, lucio@proxima.alt.za wrote: > The other option is to use SSL or TLS to carry SMTP (surely such > a thing already exists?) and assign responsibility for delivered > spam to the client establishing the session. It does indeed, our SMTP supports it thanks to Dan. > In other words, I > inspect your certificate, decide I can identify you in front of > a judge and accept the mail. Otherwise, you're out of luck. Yes that is indeed the scheme we're talking about. The problem is proving anything. If most mail is delivered by a third party (i.e. an ISP) and you only have certs belonging to your friends then you have nothing to check unless you have CERTs for the ISPs. Somewhere we need a list of credible ISP CERTs.