-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Yes, but you can't expect the masses sign all their email, not yet anyway, so you cannot require cryptographic authentication for mailing lists and services subscriptions (esp. for-profit services that would not like to turn away anyone). That is what you are talking about isn't it? Matt

-----Original Message----- From: William H. Geiger III [mailto:whgiii@invweb.net]

...

What we really need is an automated system that could authorize/deny an address prior to the code/password being sent that would keep track of distribution list addresses and such.

...

Perhaps I'll create one myself soon.

PGP, Digital signatures, CA's, Authentication, ... This *is* a crypto related group isn't it?

How does Thwart, Verisign, or the other CA's handle authentication of an e-mail address in there low level cert

-----BEGIN PGP SIGNATURE----- Version: PGP for Personal Privacy 5.0 Charset: noconv iQA/AwUBNgBgOxU5HlNX4dnFEQKQSACghI+z9TK3uXdAbUQMfX2e+ksuk38An3s9 aV7TVzna/+S+cxFXrOmzoxOW =n91J -----END PGP SIGNATURE-----