D. Štrbac

Address Secrecy Is Protocol Failure

Many email users resort to concealing their email addresses in an attempt to evade unwanted messages. Some email providers also offer services for anonymizing and masking email addresses, essentially functioning as forwarding mechanisms.

The necessity to hide email addresses highlights a fundamental flaw within email systems. Concealing addresses behind an "alias" offers only temporary protection, as the alias often needs to be changed upon disclosure. In such a setup, to maintain security, each sender (contact) should ideally have their unique "alias" or dedicated email address. This configuration essentially resembles an unnecessarily complex "allowlist" encompassing both senders and recipients.

In an ideal scenario, email addresses should be public, akin to phone numbers or postal addresses. Unlike the latter two, email operates on a public, open protocol that rests in the hands of users and is purely software-based. This provides users with the privilege of shaping the email system in a wholly democratic manner, free from gatekeepers. At least, this was the original vision before the centralization efforts led by Microsoft and Google began to take hold.

In what we should consider modern messaging systems, addresses should not kept private. Instead, it should be the protocol itself that acts as a gatekeeper and provides protection against unwanted messages.