a) The problem is not Fakemail - the problem is people who rely on
unreliable entries (message parts)
>From: UVS1::"firewalls-owner @
com" 23-APR-1996 19:00:14.85
>To: finken @
>CC: firewalls @
com, mulligan @
net, axr127 @
>Subj: Fakemail (Possible solutions)
With VAXmail, this is what you get. Obviously wrong but does not matter
(other than REPLY goes to the wrong place) because *the purpose of mail
is delivery. Period.*
>-----BEGIN PGP SIGNED MESSAGE-----
This is one answer that is commonly used. Still does not say where it came
from but provides confidence that the signer has had it in his/her/its/other
possession at some time *and that is all*.
>I really don't believe that although PGP is the best solution in theory, it
>is the least viable of all solutions.
Would not be that harsh myself. True at present it is designed for
individual communications rather than group but this is not an inherant
weakness, just an indication that a good key management/distribution
management system does not exist. X.509 would seem to be one mechanism.
I can see a future in which an individual only has two keys - their own
and that of a trusted post office (note: I did not say *the* Post Office
as in US). Mail is sent with a receipient list and the session key
encrypted with the PO key. PO decrypts/re-encrypts the key with each
recipients public key & distributes. For material too sensitive for
such handling, a keyring can be kept in which case the po key is not used
and message is just distributed to list.
Not today, not this year, but soon.
> Although the use of PGP may seem easy
>to most of the users of this mailing list, it is not the case for the
>average user on a college campus.
Have you seen the "enclyptor" ? Floating toolbar that is just point and
click. Do have to know a passphrase to decrypt. Will be easier soon.
(anyone who can add a button to ccMail might drop a line to support@
>I think the following methods have been suggested so far:
Other than encrypting/signing the body of the message, all try to make
SMTP something it is not - this is why they fail.
From: Michael Baumann <baumann @