Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!tut.cis.ohio-state.edu!mstar!mstar.morningstar.com!bob From: bob@MorningStar.Com (Bob Sutterfield) Newsgroups: comp.protocols.tcp-ip Subject: Re: trash message from usenet (BIFF) Message-ID: Date: 8 Jun 90 16:46:12 GMT References: <9006011234.AA22023@monk.proteon.com> <23824@bellcore.bellcore.com> <393@minya.UUCP> Sender: news@MorningStar.COM (USENET Administrator) Reply-To: bob@MorningStar.Com (Bob Sutterfield) Organization: Morning Star Technologies Lines: 44 In-Reply-To: jc@minya.UUCP's message of 8 Jun 90 04:26:49 GMT In article <393@minya.UUCP> jc@minya.UUCP (John Chambers) writes: In article <23824@bellcore.bellcore.com>, mo@messy.bellcore.com (Michael O'Dell) writes: The notion that mail or mailing lists on the Internet are either "secure" or "accountable" is simply hysterical. What would it mean for a list to be secure? Would this perhaps mean that nobody not on the mailing list could send mail to mlist@foo? If someone has a contribution to make to a discussion... they should be able to contribute. Some mailing lists have implemented filters to block users who consistently and persistently post inflammable messages with the particular purpose of inciting wars. These mailing lists tend to be ones carrying political or religious discussions and other topics that are prone to particular emotionalism. I don't know of any technically-oriented list that has needed to take this step. Does secure perhaps mean that the mail can't go to anyone not on the list? ... I can always ... mail a copy to someone else. I can't imagine how the manager of the mailing list could prevent my doing this. This is the practice on certain security-oriented mailing lists, where the list maintainer requests that members not forward the messages to anyone not on the list, and not keep them in publicly-readable places. The list maintainer enforces this policy by threatening to remove any member from the list, upon sufficient proof of misbehavior. So when someone asks for a secure mailing list, what could they possibly have in mind? Is this just a vague, fuzzy buzz-phrase, or does it have some specifiable meaning? When I hear "secure mail" I generally think that it means that the mail comes from the person named in the From: line, and goes only to the person named in the To: line. If the From: line is inaccurate it's either a bug or a forgery, and if someone other than those listed in the To: line reads the mail, it's either a bug or snooping. I think similar things about mailing lists, but in a one-to-many context. There are plenty of research projects in secure communications. One area is secure electronic mail. But the S in SMTP is Simple, not Secure. Don't get your hopes up with something so Simple.