On 11/19/20 3:50 PM, John Levine wrote:
In article <21e9288f-827c-88f5-5785-957811d959a0@xxxxxxxx> you write:
It occurs to me that it doesn't even need to be a one-size fits all
solution for providers. All a provider would need to do is have an opt
in for users to to use selectors who are regularly repudiated, and keep
the current non-repudiation selectors forever.
Sounds like an excellent way to get users to say huh? What? I would be
amazed if one user in 100 ever thought about whether their mail might
be verifiable several years from now and what that might imply.
Yes, but the same can said be for the repudiation crowd too. There is no
one-size fits all for this problem. But giving the tin-foil hat types
and security geeks an opt in, they would probably find each other
relatively easily. I find it dubious that providers are not going to
find this anything but a big yawn, honestly. Dealing with intractable
problems for no business benefit is usually not a good career path move.
Mike