I agree with getting personal mail servers registered, as far as paying $100 for a mail server registration (as mentioned in previous messages)...that's no good. As a user with a personal mail server, it is bad enough to have pay for connectivity and a domain name. Having to pay for the privilege of running a mail server is too much.
Robert Blayzor wrote:
I agree with getting personal mail servers registered, as far as paying
$100 for a mail server registration (as mentioned in previous
messages)...that's no good. As a user with a personal mail server, it
is bad enough to have pay for connectivity and a domain name. Having to
pay for the privilege of running a mail server is too much.
e-mail isn't free. in my own experience, i can pay a high price by just
hitting delete a couple hundred times a day, or a medium price by turning
on all kinds of anti-spam features in my MTA and sending complaints out
to network owners on whatever sneaks through the blockade, or a low price
by only accepting e-mail from people who have paid to register their
servers with some certifier whom i am willing to trust.
we'll be seeing this kind of "require signed-by-trusted certificates before
permitting use" logic in the personal certificate field soon. why not do
it at the mail server level, where there are fewer certificates and more
total lifetime value per signature?
the secret is in correctly answering the question "who gets the money." i
would love to see a bona fide nonprofit use this as a fundraising method.
(any organized religion's church comes to mind here as an ideal candidate.)
server-level openpgp is also an option, and would more closely reflect the
social realities: (1) introducers i'm willing to trust may not be at the top
of any virtual certification hierarchy other than my own; and (2) there's
no compelling technical reason to keep the number of ultimately trusted keys
small. (verisign/thawte may feel that there are compelling business reasons,
Umm... would you like to qualify the "any" in that statement? I say this because there are those churches that would use the funds for umm... purposes that are less than stellar... or various other programs that may not enjoy widespread support.
If we were to use any funds raised this way for feeding the hungry, housing the homeless, providing Internet access to underprivileged (which I would prefer, btw), then I think you'd find a larger following.
Personally, I don't have a problem with transitioning to a trusted method, and I'd like to see a non-profit signing authority that has completely open books - and money beyond operating expenses going to offset the costs of providing rural areas/less developed areas with Internet access - similar to the way we all help pay for telephone access in rural areas when we pay our phone bills.