TRIPOLI: An Empowered E-Mail Environment
Lauren Weinstein:
“TRIPOLI” — An Empowered E-Mail Environment (Overview):
A key aspect of the Tripoli environment is the concept of a third-party certified, encrypted authentication token that would be cryptographically linked with every e-mail message. Within the Tripoli architecture, this token is referred to by the acronym “PIT” (Payload Identity Token, henceforth referred to as “Pit”) and is at the core of Tripoli. The Pit contains all of the certified information necessary to authenticate the associated message payload. The sorts of information within the Pit include authenticating identity information, special or extra capability data, the level of identity authentication in force for this particular Pit and its associated message payload, and potentially a wide range of other related data to be defined in a continually extensible manner.
…
It is anticipated that in most cases, in order for the sender of an e-mail message to become initially certified by a Pit Certification Authority (PCA), the sender would need to first formally accept Terms of Service (ToS) that may well prohibit the sending of spam, and equally importantly, would authorize the certification authority to “downgrade” the sender’s authentication certification in the case of spam or other ToS violations.
…
Again, the overriding principle in Tripoli is that the receiver of e-mail makes the decisions and decides which messages they are willing to receive. Senders of e-mail are free to try proceed as they wish, but their ability to have their messages transmitted, received, and read will be ultimately controlled by e-mail receivers and readers.
