Anthony Atkielski wrote: > Public-key encryption of an entire e-mail is extremely > processor-intensive. Which is precisely the goal. It is not so extreme as to make routine mail unusable, but extreme enough to make random bulk mail not worth the cost. > Even conventional encryption is very > time-consuming. You can just hash it and sign the key. That simply provides message integrity, the point is to make the cost for the bulk sender higher than for the individual receiver. > > However, this would be a problem for people in countries that > outlaw encryption. What would they do? Break the law, because it is likely they are anyway for anything that those laws are designed to prevent. ;) Realistically, those situations would be addressed by including a plain text copy as well. The agency concerned about enforcing encryption laws could run the plain text part through the same encryption process and verify that the output matches. Alternatively, the origin could be required to encrypt using the enforcement agency key, then have the enforcement point decrypt & re-encrypt with the receiver's key. Either way there is enough pain felt at the enforcement point to ensure any random bulk spam is dealt with locally and quickly. > > > ... and provide an incentive for the ISPs to > > actually deploy a PKI. > > Who would you trust to certify keys? For the purpose of email through the ISP servers, the ISP would be able to handle key certification. Those keys may or may not be useful or meaningful outside the context of services arranged by that ISP. Tony