On Sat, Dec 25, 2021 at 4:29 PM Brian E Carpenter <brian.e.carpenter@xxxxxxxxx> wrote:
I know someone living in NZ who overnight received a "one hour from now" reminder of a COVID test for someone in the UK who occasionally mistypes their own gmail address. (A test booked on Christmas day???)
The consequences of a typing error in a call sign are potentially serious. In this case, we can only hope that the person didn't miss their test.
That is a security issue. And not one I can solve for legacy SMTP email etc.
The starting point for the Mesh was 'what would the Internet look like if we started over'. Kind of line Internet/2 but without the constraints that come from academic funding bodies. My stuff does not need to be original research. I will use 30 year old ideas if they are the right ones.
In this case, access control. The only protocols that use Mesh callsigns are Mesh messaging protocols. And every message is subject to access control at the sending service and the receiving service.
Right now, there are only two Mesh messaging applications, contact exchange and the confirmation protocol which is an improvement over 2FA.
So The way Alice would use the Mesh today is:
Alice creates her Mesh profile
Alice binds her profile to the service example.com as alice@xxxxxxxxxxx
Alice registers the callsign @alice.
At this point the only use for the callsign would be so that @alice can exchange contact information via @bob. Alice and Bob probably accept contact requests from anyone but @madonna probably would not).
So if @carol gets confused and tries to send a message to @alice instead of @alice42, it is not going to be accepted via the Mesh messaging protocol because @carol has not been granted message sending privs by @alice.
And the applications know all this and can react intelligently.
Since I have hallam@gmail, I get a lot of mail from confused bunnies. I know that problem and have thought through a fairly good mitigation. As with everything else I do, it is not perfect but it is a lot better than what we have today.
And no, I am not setting out to 'replace SMTP''. I have built a secure messaging infrastructure because I need it for management of contacts and devices and for 2FA-plus that can also be applied to any other communication modality.
