From: Brad Templeton (brad@templetons.com)
Date: Sat Sep 29 2001 - 14:49:38 CDT
On Sat, Sep 29, 2001 at 03:24:00PM +0200, Claus Färber wrote:
> I'd prefer a more general solution where it is not only possible
> to just cancel the message but to specify _why_ it has been
> cancelled.
>
> For example, a site might agree with a cancel message issuer on
> what constitutes spam but not on what constitutes an illegal
> message (due too lack of congruent legislations, for example).
Quite possibly, but I really don't see more than the tiniest fraction of
sysadmins wanting to do this sort of detailed configuration.
However, they don't have to. You have to decide to trust a remote
canceller that you delegate cancel authority to. This means you must
decide to trust them to only use it for the purpose agreed upon (such as
spam cancel) and not for other reasons you didn't agree on.
Fortunately, the canceller need not have just one key or certificate.
They can cancel things using a different certificate, and you can decide
what to listen to. If you can't trust them to use the right certificate
on a cancel of a given purpose, you can't trust them at all.