From: "Stephen J. Turnbull"
Newsgroups: gmane.emacs.devel
Subject: Re: more on starttls, gnutls-cli and using tls for mail
Date: Thu, 18 Aug 2011 12:11:14 +0900
Message-ID: <87y5yrl8h9.fsf@uwakimon.sk.tsukuba.ac.jp>
To: emacs-devel@gnu.org
Cc: Karl Fogel, Vijay Lakshminarayanan, Tim Cross, Leo

Tim Cross writes:

> Thanks Karl. It seems there are use cases for using different
> authenticated users based on the from/reply address being used.
> However, it should be noted that this is not due to any requirement
> or limitation of smtp

Lack of a standard authentication method *is* the limitation of email-as-we-know-it. As Chad points out, there are various standards available, but SMTP itself knows about none of them, and therefore none are reliably available.

There is a fundamental requirement of email-as-we-know-it, that it be a way for any dog on the Internet to get in touch with you. (This is why Karl and Chad have so many addresses: "kfogel@red-bean" means nothing to most latent correspondents, while "kfogel@civiccommons" does, to some fraction that Karl cares about.) On the other hand, the fact that among the dogs is Dogbert (aka Canter/Siegel et al, not to mention even less lovable folk such as stalkers) means that private mailboxes are widely desired.

Lack of a standard authentication method *at the receiving end* means that there's no single way to identify mail from expected senders at your *private* mailbox. Lack of a standard authentication method *at the sending end* means there's no way to guarantee you'll be recognized by the recipient's private mailbox. So there's no way to implement reliable private mailboxes. Not even security-via-obscurity works because your ISP may filter, *must filter*, based on something other than sender credentials.

It should be obvious that users will evolve complex, *idiosyncratic* methods to deal with this complex environment, as recipients and senders implement a variety of partially coordinated solutions to the problem of protecting mailbox privacy where desired.

I don't know whether this means that smtp-auth-credentials is needed to implement such methods (presumably not, Are We Not Hackers?), but I'm a bit surprised that a project sufficiently conservative about email that RMail is its default MUA didn't follow the usual process of obsolete'ing the variable before, uh, jerking the rug out from under people's .emacs'es.