Sergey Goldgaber <sergey@el.net> writes:
-> Right now, there's a very large number of addresses in the key servers. -> Instantly making them into a list of addresses that accept anon mail -> will make it hard (hopefully infeasible) for the LEAs to investigate -> everyone willing to accept anon e-mail as a suspect in sending it.
Unfortunately, key servers can not be trusted. I'm sure you're aware that anyone can submit a key, and thus forgeries abound.
If the above model is adopted, key servers will be the first target of the prospective spammer.
Why Sergey, you mean to tell me that there are key servers out there that accept a key from a purported address and don't send back a cookie to that address to see if it's not fake? :-) That's just terrible. Definitely no key coming from such a server should be trusted. :-) :-) Today is March 29, 1997 - almost April 1st. The Internet ain't what is used to was 15 or 10 or even 2 years ago. If you get an e-mail that purports to be from X, and it requests that you add X's public key to your key server, or (un)subscribe X to a mailing list, or block X from receiving anonymous e-mail - it may be a forgery. Never act on such requests without trying to authenticate them with a cookie. --- Dr.Dimitri Vulis KOTM Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps