From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: <37477b39bbe70b4ef8ddcfdb150ea72e@caldo.demon.co.uk> To: 9fans@cse.psu.edu Subject: Re: [9fans] spam rejection after reception does have limits From: Charles Forsyth In-Reply-To: <020001c3859e$d209f220$b9844051@insultant.net> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Date: Sun, 28 Sep 2003 11:16:41 +0100 Topicbox-Message-UUID: 521b020c-eacc-11e9-9e20-41e7f4b1d025 >> PS: I don't have a problem with each mail recipient acting as its >> own CA and issuing certificates left, right and centre that can be >> used to further certify agents on behalf of the sender. X.509's >> certification hierarchy allows for this and it may be best employed >> as a certification audit trail. >you don't understand the the faults of PKI. issuing certs left right and >center breaks the 'trust'. paying money to root CA's (which i don't trust) >is a waste of money and time. there has been quite a bit of work done and published before and after x.509 (and PGP as well for that matter). i recently discovered http://www.anu.edu.au/people/Roger.Clarke/EC/Bled03.html, which is quite a good brisk survey, with trenchant observations. Carl Ellison has a good web site with lots of useful links: to other good web sites: http://world.std.com/~cme/html/spki.html. aside: the parent site has a link that takes a good whack at ASN.1 ``ASN.1 is viewed differently by writers of standards and implementers. Neither group is unanimous in its evaluation, but it tends to be predominantly favoured by the former and predominantly despised by the latter.'' http://world.std.com/~cme/P1363/asn1.html ``... for a total code size [for ASN.1] of 55085 characters, as compared to the original 48 characters [for the obvious if less flexible C version] ... an expansion in code by a factor of 1148''