[cap-talk] mailkey: transfer of accountability. Is this broken ?? should I start from scratch/horton ?

Rob Meijer rmeijer at xs4all.nl
Thu May 31 10:48:48 EDT 2007 

After reading the horton paper, I have been trying to find out
if and how the alternative protocol I designed for the mailkey
anti spam project to take care of transfer of accountability are
broken or not. I posted on this before, but as noone replied
either possitively or negatively I am stuck with the uncertainty
and do not realy dare to proceed on implementing it now.

I will try to rephrase my mailkey project so it would more fit
OC and the horton alternative.

We start off with Alice having 5 references:

Alice -> AB1 -> Bob
Alice -> AB2 -> Bob
Alice -> AC1 -> Carol
Alice -> AC2 -> Carol
Alice -> Mediator

When Alice wants to introduce Bob and Carol she sends a message
to Mediator:

Alice -> Mediator("introduce",AB2,"bob",AC2,"carol");

Mediator on receiving this message forwards the message to both
its arguments, and both get forwarded to :

Mediator -> AB2("intro1",AC2,"carol")
Mediator -> AC2("intro1",AB2,"bob")

As a result of these actions both AB2 and AC2 clone themselves
into respectively AB3 and AC3.

After this, both AB2 and AC2 generate new messages:

AB2->AC2("intro2",AB3)
AC2->AB2("intro2",AC3)

Now the intoduction gets finaly forwarded to Bob and Carol:

AB2->Bob("introduction",AB2,AC3,"carol")
AC2->Bob("introduction",AC2,AB3,"bob")

>From the point where either "intro1" or "intro2" is received,
AB2/AC2 stop forwarding to Bob and Carol respectively.

It may be important to note that in my concrete case, the mediator
being used is internet e-mail combined with To and Cc mail headers, and
all references in my case contain the full forgable e-mail addresses of
the parties involved.

>From earlier mail on the list I get the feeling there should be something
broken in this protocol, but I can't put my finger on what this would be,
or
if my special case for e-mail addresses may actualy be one special case
that isn't broken while the general OC usage of the protocol would be.

I am realy interested to know if I am completely on a wong track here and
should thus just throw away my design and start from scratch (with horton
as a guideline), or if I could continue and start implementing the above.


Rob J Meijer

More information about the cap-talk mailing list