Wednesday, 23 April, 2003
In Throw Away the Internet; Start All Over, Larry Selzer recommends scrapping SMTP (the current mail protocol) and replacing it with something that is designed to be more secure. As he points out, "the Internet was designed to be secure from nuclear attack, not its own users." The title of the article is somewhat misleading, as Seltzer talks about nothing but mail throughout.
I agree with him 100%. SMTP is built on trust. The protocol has very few provisions for authenticating senders, and the few that do exist place a terrible burden on systems that are receiving mail. Nobody uses the few security features that SMTP provides because those features were designed to handle hundreds or thousands rather than millions of email messages per day.
Replacing SMTP is no small job. The technology is no problem, but convincing large ISPs and individual users to go with the new system would be very difficult. Some people resist change on general principles, and others will resist using any system that requires some sort of certification or positive identification. Why people insist that they need anonymous email communication is beyond me. In any case, if such a new system were implemented, I'm sure that more than one anonymous remailer would appear, and those who insist on anonymity could relay their communications through that service. Placing the remailer outside the country would neatly sidestep any stupid legislation which insists that servers keep track of all senders.
The article was not well received on the Slashdot thread, which tells me more about the Slashdot crowd than the validity of the article. As I've said here many times before, something in the email protocol has to change, and soon, before email becomes as useless as Usenet.