[messaging] Google End-to-End plans on using key directories with a CT-like verification protocol

Moxie Marlinspike moxie at thoughtcrime.org
Thu Aug 28 13:24:15 PDT 2014

On 08/28/2014 01:08 PM, Mike Hearn wrote:
>     3) It creates a potential SPAM problem.
> Just re: the spam issues in general (I used to work on the Gmail spam
> team), most spam is filtered based on two pieces of metadata:
> 1) Origin IP reputations
> 2) Link url domain reputations
> This gets you to perhaps 90%+ coverage immediately. There are many other
> message features used to filter spam, but those two do the overwhelming
> majority of the work. Comparatively little spam is filtered based on raw
> text analysis.

Sorry I wasn't more clear. I was referring to the fact that the
directory would be openly publishing a list of everyone's email
addresses.  Even if you hash them, they're pretty trivially invertible.

I don't know much about the state of the art of spam filtering these
days, so it might be that this isn't a problem, but it doesn't seem great.

- moxie


More information about the Messaging mailing list