At 5:14 PM 8/22/96, Bruce M. wrote:
Web Week, July 8, 1996, p3
The Postal Service's attorneys have told the USPS that the tampering part of the current federal law would transfer to the electronic space, and that the mail fraud portion might also apply...
"We're a trusted third party," Saunders said. "We don't have any interest in learning your trade secrets...
Back in June I attended a presentation on this from Paul Raines, who is running the program. As I recall, there were three services they were planning to offer. 1. A time-stamping service. This is basically a remailer - you would send email to the USPS site, which would add a digital timestamp and signature, then forward the message to it's ultimate recipient. Customers wishing to use the service would deposit a sum of money with the USPS, which would be debited for each use of the service (suggested cost was on the order of 25 cents/message) 2. A CA service. Keys would be signed at various levels of assurance. At least at the start, business strength keys would be issued only at Postal Business centers, which are in about 100 cities in the US. 3. An archival service. For a fee, the USPS would store copies of all of the email you send though it's remailer. Only the sender could retrieve it, short of a court order. In answer to a direct question, Raines said that user-encrypted data was OK. Raines claimed the following advantages: * The contents would be subject to the postal fraud statutes. * People would trust a message received through the remailer more than one which was not. * IRS tax filings sent through the Postal system can arrive after April 15, provided they are postmarked before that time. Tax filings sent by other methods must be received at the IRS before midnight on the 15th. * Approximate quote: "When business negotiate a deal, they do it over the phone, in person, etc. But when the deal is closed, what do they do? They write a letter, and send it via registered mail through the USPS." * As a CA, the USPS was a known and trusted entity overseas, unlike commercial CA services. Some specific counter arguments: Fraud protection: If a person was intending to commit fraud, why would he or she send the message through the USPS remailer? Since the service is costly, most email will never be sent through it, and there will not develop a tendency to regard non-USPS email as untrustworthy. IRS filings: If I send a tax filing to the USPS remailer at 23:45 on April 15th, it gets a pre-midnight timestamp and is accepted by the IRS as being on time. If I send an email tax filing directly to the IRS at 23:45, it is also accepted (and if I was that desparate, I could also bounce the message through Hawaii, or US Samoa, and get several more hours of grace) Also, I was under the impression that the IRS now accepted FedEx timestamps for tax filings. Finally, the amount of business which this represents is miniscule. Closing deals: Ever hear of faxes or FedEx? My personal impression was that Raines had been listening to his own propaganda for too long, and was rather out of touch with the way things are done outside of the Beltway. I got the feeling that the USPS was desperately trying to find a role in a time where it was becoming merely the cheapest and slowest player in the package delivery business. Peter Trei ptrei@acm.org [Disclaimer: I am not representing my employer.]