W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2010

Re: [websec] [saag] [apps-discuss] [kitten] HTTP authentication: the next generation

From: Marsh Ray <marsh@extendedsubset.com>
Date: Sun, 19 Dec 2010 22:04:40 +0000
Message-ID: <4D0E8148.7060607@extendedsubset.com>
To: Ben Laurie <benl@google.com>
CC: Adrien de Croy <adrien@qbik.com>, General discussion of application-layer protocols <apps-discuss@ietf.org>, websec <websec@ietf.org>, Common Authentication Technologies - Next Generation <kitten@ietf.org>, "http-auth@ietf.org" <http-auth@ietf.org>, "saag@ietf.org" <saag@ietf.org>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
On 12/19/2010 03:49 PM, Ben Laurie wrote:
> On 19 December 2010 11:12, Adrien de Croy<adrien@qbik.com>  wrote:
>> Imagine if
>> everyone needed a client certificate to send any mail.  We'd have no spam.
>
> Nonsense. We'd just restrict spam to owned machines, of which there
> are only a few tens or hundreds of milliions, if we're lucky.

Nonsense. We'd have no mail. Or rather some other store-and-forward 
messaging system would arise and not be called mail.

Look back far enough and you'll find all kinds of "electronic mail" 
services implementing the full range of peer and end user 
authentication, and sender-pays models. There was no spam on those 
systems, or at least not enough that anyone felt like they needed a word 
for it.

Guess why we use the one we use today.

- Marsh
Received on Sunday, 19 December 2010 22:39:48 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:34 GMT