I'm not speaking to whether we should or shouldn't change 5321bis, but just addressing one argument below: > However, the reality is that most of the email traffic in the world > is innocuous. As SM essentially pointed out, the combination of a > large distribution list and public archives would make keeping this > message secret somewhere between "hopeless" and "laughable" no matter > how well encrypted the transmission channels. Similarly, if you and > I had an email conversation about the relative weather > characteristics in the Northeast US, the North Island of New Zealand, > and parts of the UK, I can't imagine either of us losing any sleep > over some government bureaucrat or spy reading those messages. This misses the point that one effect of encrypting everything, rather than just the "stuff that needs to be secret" is that doing the latter tells people what they need to concentrate on. If everything is encrypted, then taking the effort to decrypt all the encrypted stuff isn't effective. That actually turns your argument into one that says we *should* be encrypting all of it, if the goal is to foil entities that are snooping in-transit stuff on the wire. Other threat models, other goals, and other arguments apply here, though, of course. Barry
