>> What about senders from small emerging market countries having a very >> hard time getting any widely accepted assurance group to vouch for them? > >Also in more mature markets, not all of the existing companies and >universities running their own mail servers will be eager to spend >$5000/year on a vouch. Sheesh. The point of having a standard is to make it easy to interoperate. That means that anyone who wants to set up a VBR vouching service can do so, and anyone who wants to use your vouching service can also do so by adding a line to a config file. I certainly have no intention of paying anyone $5000 to get mail from my tiny system delivered. Like Dave, I don't see any reason to expect one economic model or another to predominate, and no reason at all to expect there to be only a small oligoply set of providers. Although I think that VBR is a swell idea, it also seems rather a stretch to expect that it would ever become so popular that you couldn't get mail delivered without it. In the near term, the most likely usage I see is for phish resistance. If organizations like the FDIC were to publish a VBR list of the domains of their genuine member banks, that would make it easier to have a mail system put a flag on suitable signed incoming mail to say "this is really from a bank." R's, John _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf