Why certified/authenticated email cannot solve spam

February 2, 2008

There are a number of schemes for dealing with spam that boil down to 'people will get SSL certificates, you only accept email with a valid certificate, and if people still spam the certificate authority will revoke their certificate'. There is a simple, core problem with these schemes:

Certificate revocation never works.

Certificate authorities are paid by the people who they issue certificates to, not by the people accepting those certificates. The people who provide the money do not want their certificates revoked, and so it is not in the economic interests of the CAs to revoke certificates. So they don't. Oh, they always have reasons, and sometimes they are pushed to revoke a certificate or two to keep their business rolling in, but that's it.

(The other problem is that revoking certificates does not make the CA any money; it is a cost center, not a profit center. And any organization spends as little on cost centers as they can get away with, which means that cost centers inevitably work badly.)

The same is true of schemes for email authentication. In practice, pretty much the only time that a certificate is going to get revoked is if it was issued to the wrong organization. If it was merely 'misused' inside the organization, that's an internal matter for the organization, not something that the CA will get involved in.

(This entirely ignores all of the practical problems with certificate revocation, which are highly non-trivial.)

Written on 02 February 2008.
« Isolating network interfaces on Linux
A note to would-be photo editing applications »

Page tools: View Source, Add Comment.
Login: Password:
Atom Syndication: Recent Comments.

Last modified: Sat Feb 2 23:14:20 2008
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.