Paul Boutin, writing in InfoWorld, provides opinions from six experts – Eric Allman, Bill Warner, Eric Hahn, Ray Ozzie, Dave Winer and Brewster Kahle. An excerpt:
If he could start over, Allman would retool the existing protocols with the benefit of hindsight, instead of throwing them out completely. “The first thing I’d say is we had not anticipated the security needs,” Allman says. “Authentication should just be built in.”
Rather than focus on DNS-based authentication, Allman would choose a cryptographic solution. “I would put something into SMTP that required authentication before proceeding, just as we have with POP. It’s a bit harder than that because unlike POP, SMTP connections may not have any prior relationship, so things like shared secrets are out of the question.”
Allman’s dream solution includes an Internetwide standard domain-authentication mechanism. “This would be part of an optional standard connection initiation protocol,” he says, “so we wouldn’t have to reinvent authentication for each and every use.”
Over the past two decades, Allman’s views on privacy haven’t changed. He still believes it’s a necessity, but he’s developed a more sophisticated view of how to implement it. “I used to feel anonymity in the base protocol was important,” he says. “But if someone brought up an anonymity server that would do re-mailings for you, that would allow this. The trick, of course, is to avoid abuse — this could perhaps be done by having explicitly tagged addresses that are willing to receive anonymous mail. Whistle-blower addresses, investigative reporters, and so on might be willing to receive arbitrary anonymous messages,” using servers that don’t keep any logs that could be subpoenaed.