Murray wrote:
Post-delivery survival of the signature is not only not a goal, it is
arguably (or possibly demonstrably) a problem.
Can we say more about this if we're going to take that position? A naked
"not a goal" doesn't jive with RFC 4686, which explicitly says it is a
goal, or at leas
I think that any charter should specifically call out the need for a
problem statement. The problem is far more nuanced than the few lines in
the proposed charter and I think that the charter should be neutral
about whether the problem can be solved because that isn't clear at all.
Doing someth
I very much disagree with everything the above poster said.
Deniability is a default property of all e2ee messaging apps; it’s both
surprising and disheartening that email — a largely unencrypted medium — fails
to provide deniability for its users. If we said that signal was behaving this
way,
On 12/6/22 2:05 PM, mikespec...@gmail.com wrote:
I very much disagree with everything the above poster said.
Deniability is a default property of all e2ee messaging apps; it’s
both surprising and disheartening that email — a largely unencrypted
medium — fails to provide deniability for its us
> On Dec 6, 2022, at 14:23, Michael Thomas wrote:
>
>
> On 12/6/22 2:05 PM, mikespec...@gmail.com wrote:
>> I very much disagree with everything the above poster said.
>>
>> Deniability is a default property of all e2ee messaging apps; it’s both
>> surprising and disheartening that email — a
On 12/6/22 2:33 PM, Jon Callas wrote:
On Dec 6, 2022, at 14:23, Michael Thomas wrote:
On 12/6/22 2:05 PM, mikespec...@gmail.com wrote:
I very much disagree with everything the above poster said.
Deniability is a default property of all e2ee messaging apps; it’s both
surprising and dishea
> That's not true in all cases. Spam and phishing slips through filters, etc,
> regularly and doing forensics may happen well past delivery windows. Part of
> DKIM is a "blame me" mechanism. If you remove the signature how do they know
> they are actually responsible?
Perhaps the domain can kee
On 12/6/22 3:22 PM, mikespec...@gmail.com wrote:
That's not true in all cases. Spam and phishing slips through
filters, etc, regularly and doing forensics may happen well past
delivery windows. Part of DKIM is a "blame me" mechanism. If you
remove the signature how do they know they are actual
On 12/4/2022 7:52 PM, Murray S. Kucherawy wrote:
On Sat, Dec 3, 2022 at 12:20 PM Jon Callas wrote:
> On Dec 3, 2022, at 11:42, Dave Crocker wrote:
> On 12/3/2022 11:35 AM, Jon Callas wrote:
>> Agreed, and we need some other weasel word than "lightweight"
because there are lots