Wandering Thoughts archives


Why we won't like it if signing email is the solution to various email problems

Yesterday I wrote about my thesis that all forms of signing email are generally solving the wrong problem and said in passing that if signing email was actually a solution, we wouldn't like it in the long run. Today, let's talk about that.

As I sort of discussed yesterday, the issue with signing email as a solution is that on the Internet, identities normally can't be used to exclude people because people can always get a new one (eg, a new domain and new DKIM keys for it and so on). If signed email is going to solve problems, the requirement is that such new identities stop being useful. In other words, email providers would stop accepting email from new identities (or at least do something akin to that). If new identities don't get your email accepted, existing identities are suddenly important and can be used to revoke access.

(This revocation might be general or specific, where a user could say 'I don't want to see this place's email any more' and then the system uses the identity information to make that reliable.)

Let's be blunt: big email providers would love this. Google would be quite happy in a world where almost everyone used one of a few sources of email and Google could make deals with or strong-arm most or all of them. Such a world would significantly strengthen the current large incumbents and drive more business to their paid offerings. Even the current world, where it's rather easier in practice to get your email delivered reliably if you're a Google Mail or Microsoft Office365 customer, does that; a world where only a few identities had their email reliably accepted would make that far worse.

For the rest of us, that would be a pretty disastrous change. I won't say that the cure would be worse than the disease (people's opinions here vary), but it would likely create two relatively separate email worlds, with the remaining decentralized email network not really connected to the centralized one of 'only known identities accepted here' email. If running your own mail server infrastructure meant not talking to GMail, a lot of people and organizations would drop out of doing it and the remaining ones would likely have ideological reasons for continuing to do so.

(A far-out version of this would be for it to lead to multiple federated email networks, as clusters of email systems that interact with each other but don't accept much email from the outside world effectively close their borders much as the big providers did. If this sounds strange, well, there are multiple IRC networks and even the Fediverse is splintering in practice as not everyone talks to everyone else. And there are plenty of messaging systems that don't interconnect with each other at all.)

PS: There are lesser versions of this, where large email providers don't outright stop showing 'outside' email to people but they do downgrade and segregate it. And of course that happens to some degree today through opaque anti-spam and anti-junk systems; if Hotmail dislikes your email but not enough to reject it outright, probably a lot of people there aren't going to see it.

tech/SignedEmailSolutionImpact written at 22:18:53
