|
|
Log in / Subscribe / Register

"SMTP has outlived its usefulness" (was: Forwarding services)

"SMTP has outlived its usefulness" (was: Forwarding services)

Posted Jan 17, 2026 2:02 UTC (Sat) by mgb (guest, #3226)
In reply to: "SMTP has outlived its usefulness" (was: Forwarding services) by dskoll
Parent article: A note for MXroute users

> We already accept age checks for so many things; why are online dangers somehow special?

If I buy beer in my local grocery store I show my ID and that's the end of it.

If I verify my age online the gatekeeper records as much information as they can grab, and links it to as much other information as they can find, and then keeps it forever, and occasionally some hackers drop in and steal a copy.

to post comments

"SMTP has outlived its usefulness" (was: Forwarding services)

Posted Jan 17, 2026 2:07 UTC (Sat) by dskoll (subscriber, #1630) [Link] (11 responses)

There are secure ways to achieve age verification without having a gatekeeper know things about you that it shouldn't. For example, if you have a driver's license, the license issuing authority could provide a service similar to a federated login that doesn't let anyone else know anything other than "the person who's trying to use your service is at least 18 years old."

"SMTP has outlived its usefulness" (was: Forwarding services)

Posted Jan 17, 2026 2:52 UTC (Sat) by pizza (subscriber, #46) [Link] (10 responses)

> For example, if you have a driver's license, the license issuing authority could provide a service similar to a federated login that doesn't let anyone else know anything other than "the person who's trying to use your service is at least 18 years old."

Where's the profit/control in that?

(The key word in what you wrote is _could_. Just like we could also have world peace in the coming year...)

"SMTP has outlived its usefulness" (was: Forwarding services)

Posted Jan 17, 2026 15:00 UTC (Sat) by kleptog (subscriber, #1183) [Link] (5 responses)

> Where's the profit/control in that?

Yet that is precisely what is being implemented in the EU.

* The site only gets that you are over 18, but not who you are
* The verifier knows who asked for verification, but doesn't know the site that wants to know.

The whole area of Zero-Knowledges Proofs is a fascinating one. Just because you don't think someone can profit, doesn't mean it won't happen.

And personally, this is all a *vast* improvement over the current process of sending photos your your passport over the ether to god-knows which data store. Why people think the new system could be any worse I don't know.

I look forward to the day I can prove my nationality over the internet without photocopying my passport. Bring it on!

"SMTP has outlived its usefulness" (was: Forwarding services)

Posted Jan 17, 2026 15:41 UTC (Sat) by paulj (subscriber, #341) [Link] (4 responses)

There are people talking about ZK proofs for age verification for EU Chat Control. However, none of this is agreed on yet. And we are dealing with a number of governments who are notoriously incompetent at tech. Further, even if it's done via ZK proofs, this still doesn't address the fundamental problem here:

You have no anonymity anymore in online speech. Your identity is verifiably linked to everything.

(Again, the threat model here is state actors and increasing illiberalism - which may one day lead to troubling overreach; indeed, there already are examples of troubling over-reach in previously-liberal democracies where people have been locked out of digital services by government because of political speech).

"SMTP has outlived its usefulness" (was: Forwarding services)

Posted Jan 17, 2026 18:43 UTC (Sat) by Cyberax (✭ supporter ✭, #52523) [Link] (3 responses)

> a number of governments who are notoriously incompetent at tech.

Have you seen the actual EU regulations? They are awesome. For example, I suggest checking the repairability regulations. CRA and DMA are also great.

The EU is exceedingly bureaucratic, but it's a very competent bureaucracy.

"SMTP has outlived its usefulness" (was: Forwarding services)

Posted Jan 17, 2026 19:51 UTC (Sat) by paulj (subscriber, #341) [Link] (2 responses)

The EU is not a monolith, and there are a number of different institutions with differing interests, in different groupings.

I don't know, and I can't find, the history of the CRA and which groups pushed for it - before the European Commission formally introduced it as a proposal (the commission being the one and only body able to do that) - but if it's sensible and pro-consumer, there's a good chance it originated from or at least drew much of its early support from MEPs (prior to formal proposal).

The Chat Control thing is the wet dream of a number of governments and (I assume) their security services. There are regular top-down (i.e., governmental) attempts to push in ID cards and ID checks in various contexts (to *long before* the EU!), and they usually fail because of bottom-up push-back - which MEPs are pretty good at listening to most times. But the securocrats keep pushing for it, keep bringing it back.

"SMTP has outlived its usefulness" (was: Forwarding services)

Posted Jan 18, 2026 15:37 UTC (Sun) by kleptog (subscriber, #1183) [Link] (1 responses)

> I don't know, and I can't find, the history of the CRA and which groups pushed for it - before the European Commission formally introduced it as a proposal (the commission being the one and only body able to do that) - but if it's sensible and pro-consumer, there's a good chance it originated from or at least drew much of its early support from MEPs (prior to formal proposal).

Well sure. The process of lawmaking prior to the Commission publishing its proposal is nebulous, but there is structure there. The 2020 Cybersecurity strategy [1] already pointed out this was going to happen. The Cybersecurity Act (CSA) in 2019 already established an EU-wide cybersecurity framework focused largely on ICT and hardware products, making it clear that software would eventually be addressed as well.

In 2022 there was a public consultation [2] with 108 responses. And looking through those responses (they are all public), not a single Free Software/Open Source organisation (AFAICT) made a submission. So it's not entirely surprising that initial draft did not have much in that direction (only 3 mention the term "open source"). Free software 5 times, and Linux mentioned not once.

It's good that in the process we could get MEPs on our side to improve the legislation, but we need to get a lot better at adding to the process earlier. Limited early participation leads to limited early consideration.

[1] https://digital-strategy.ec.europa.eu/en/library/eus-cybe...
[2] https://ec.europa.eu/info/law/better-regulation/have-your...

"SMTP has outlived its usefulness" (was: Forwarding services)

Posted Jan 21, 2026 13:07 UTC (Wed) by paulj (subscriber, #341) [Link]

My experience is that MEPs are pretty good at listening. The more authoritarian proposals I know of always originated with governments. My assumptions, maybe biased by my experience, is that:

- The "good" pro-consumer, pro-individual rights stuff tends to have originated from MEPs (and their EP workings groups, via whatever other groups went to the trouble of lobbying them)

- The "bad", authoritarian, illiberal, anti-individual-rights stuff (mandatory IDs, criminal weight behind "DRM" copyright laws, etc.) tends to come from the governments (i.e., the council). Often these are laws they /desired/ previously to implement nationally, but could not get done because of national push-back. So they then go and push it through at a European level, and then later when they have to pass a law (if they even have to do that) to implement the directive they can counter any local opposition with "Oh, but it's not our fault, Europe passed it".

No doubt there are exceptions, but that's the pattern I've noticed, when there's been sufficiently "good" or "bad" European "law" or regulations for me to notice.

"SMTP has outlived its usefulness" (was: Forwarding services)

Posted Jan 17, 2026 15:21 UTC (Sat) by dskoll (subscriber, #1630) [Link] (3 responses)

If the government imposes age restrictions, then it has a duty to enable those restrictions in as non-privacy-violating a way as possible.

Just because government in the USA is completely corrupt and dysfunctional, and the entire society thinks only about profit and nothing else, it doesn't mean that's the case everywhere, as kleptog commented.

"SMTP has outlived its usefulness" (was: Forwarding services)

Posted Jan 17, 2026 15:54 UTC (Sat) by paulj (subscriber, #341) [Link] (2 responses)

> Just because government in the USA is completely corrupt and dysfunctional, and the entire society thinks only about profit and nothing else, it doesn't mean that's the case everywhere,

I have to laugh here at the implication that governments elsewhere (I guess you mean in the EU?) are not corrupt and dysfunctional (under some threshold that means they can deliver stuff sensibly). Especially as I live in Ireland.

"SMTP has outlived its usefulness" (was: Forwarding services)

Posted Jan 17, 2026 18:58 UTC (Sat) by Wol (subscriber, #4433) [Link] (1 responses)

> corrupt and dysfunctional

I duuno about Ireland, but over here in the UK I would say our biggest problem isn't government, but an incompetent and biased gutter press.

I think it was today's Daily Mail - full of biased opinion pieces against Labour masquerading as news. I'm not a fan of Starmer - and I'm very much not a Labour person - but given that the guy has spent most of his professional career dealing with lynch mobs I think I trust him to try and do the right thing.

Given that I'm right of centre, why is it that the two politicians I admire most are both Labour? Because I trust them to be honest and to put their people above their politics.

Cheers,
Wol

"SMTP has outlived its usefulness" (was: Forwarding services)

Posted Jan 17, 2026 20:02 UTC (Sat) by paulj (subscriber, #341) [Link]

The UK is perhaps less corrupt. However, in some ways, that's because the UK political classes and establishment have over the decades (century+?) constructed a system of the most high-class and sophisticated corruption, where the political classes are still bought off but via unimpeachable means. None of this shabby, direct handing of cash to policians in return for a favour - like in those unsophisticated former colonies. Oh no.. the British have a better class of corruption than that.

Politician makes decisions benefiting a donor. Politician some years later leaves office. Politician - after the requisite 2 years demanded by the ministerial code - becomes a director of the company (or some little subsidiary) of his donor, collecting a nice regular remuneration for what is undoubtedly a most demanding role requiring significant dedication of time! Unimpeachable, all strictly above board, all quite proper. And most definitely not corruption. Yet, the politician did the bidding of the donor and was (in some way, at some time) rewarded for it.

The sophistication of corruption in the British government was explored fairly regularly in "Yes, Minister!" (what /gold/ that series was, and incredible how relevant it still is - should be compulsory viewing) - though can't think of specific examples right now.


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds