|
Why not send it with a encrypted USB device per post requiring to be signed at destination?
Once they get it, they ask you for the password.
This way you have a double confirmation.
M.D.V. 
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
Or you could use an X.400 email system, where this functionality has been available for 35+ years
|
|
|
|
|
However, this model fails when the email services are provided by the user's company or organization, or when the service provider is not known. In this case, there is no national-scale database of users and an improper organization name is enough to cause it to fail. This is the dominant model today, where companies use an internal server, or even more commonly, use a provider like Gmail, which is invisible outside the organization, and even to the users. In this model, the ADMD is unknown or the same as the organization itself. So... my answer still is more likely to succeed
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
X.400 was designed with the intention that the mail transfer system, the MTAs, were managed by a recognized, public athority. It was developed by the ITU (or as it was called then, CCITT), considering the network of MTAs the way they considered the network of telephone switches: Of course you may, within your company, have an internal distribution system to each employee - a PBX for phone, maybe a company database for the email.
For voice phone, there is a well defined Network Termination point: The network provider has the full responsibility upstream from this point, the customer has the full responsibility downstream. For email, there was a similar point referred to as P3.
This splitting into a mail network provider and mail user was not very popular among Internet people - they want every single developer to be able to manage the whole thing, run its own mail network of MTAs, free to be modified as the developer wants. That's how SMPT nodes are run, by just anyone who cares to set it up. Why should anyone tell us that X.400 assumes a stricter discipline? We don't want discipline in the Internet - Internet is free!
So the guy whose X.400 address is revealed in the Wikipedia article, Harald Alvestrand, said with a smile when working with X.400 at the Uninett research institute: "Sure, we use the ITU X.400 document in our everyday work, but we've got a copy of ISO 10021 available, in case someone points out that we are not a telecom adminstration - the documents are technically identical, but the ISO version has deleted the paragraph stating that MTAs are operated by recognized telecom administrations" 
(Another thing from the same guy: He entered IETF work going from X.400 into MIME, which was still in the design discussion phase at that time. When a new problem area was brought up, Harald suggested that they adopted the solution already designed for X.400, both to save the design effort and to ease interworking between the two email systems. He was immediately and forcefully turned down: No matter what qualities the X.400 solution had, we are not going to do anything the way of the OSI stack! ... So (some parts of) MIME was deliberately designed to be different from, and incompatible with, X.400. That is how the netork wars were like, thirty years ago.)
The critisism raised in the text you quote seems to ignore X.500 completely. In the 1984 "Red Book" recommendations, the directory system we now mostly know as LDAP. (LDAP was originally an access protocol to a "real" X.500 directory.) X.500 is designed for global distribution, in a way resembling DNS. If X.400/X.500 had succeeded, there would have been not only a national but a global database of users.
It seems as if the author(s) of the Wikipedia article has never used a decent X.400/X.500 implementation. I never saw anyone type in the recipient address in the "To:" field, like you do in SMTP: You look up the address in the (globally distributed) database, by any combination of database keys identifying the recipient uniquely, mouse selecting from list of partially matching alternatives if you prefer that to typing. Just like you used to jot down in your little red book the phone numbers of people you met, a successful hit in the large X.500 directory could by a mouse click be transferred to (or referenced from) your electronic rotary, part of the mail system. In the X.400 system I used the most, I could append a tag to the rotary entry, so that I could specify the tag when preparing a mail, and the full address would be retrieved from the rotary by the mail system.
Similarly, when then authors state that "the X.500 protocol proved to be every bit as complex and unwieldy as X.400", their attitude is clearly shown. LDAP is (or I should say: was) nothing but an Internet protocol adaptation of the X.500 DAP. The complexity of the protocol semantics is identical; the essential difference is tne encoding. If you - the Internet Way - expect to create the BER encoding by hand, telnetting to the X.500 server, then you are lost. Very few Internet people spent more than five minutes to reject ASN.1 and BER encoding: If it ain't ASCII, but designed to be generated by software rather than from a keyboard, then it is "complex and unwieldy". ... There again you have the rhetorics of the network wars.
There is no realistic chance of "The revenge of X.400". Yet I find it dispiriting, again and again, see the Internet struggle with problems that were solved many years ago - but that was by the enemy. We close our eyes, we don't want to see it. We won't spend any effort on understanding it. It wasn't invented here, withing the Internet community. Some of the solutions sneak in, behind the curtain, now that noone knows that they really originated in the trenches of the enemy. Often the theft is half-baked and partial, the result looks patchy and full of wreckage from now abandoned solutions. But we'll just have to learn to live with it.
|
|
|
|
|
First of all, thanks for the explanation.
Member 7989122 wrote: The critisism raised in the text you quote...
Not my criticism...
My points are:
I have never seen anyone using x.400 in my professional years. Heck, I didn't even remembered it until you told me today (I remember something about it in my college years, but I thought it had got extincted).
Knowing how things work in Spain, I doubt that either Joan M or his customer have the infrastructure to use it on the short term.
Reading the OP, reliability is as important as being able to finish the topic and strike it from the ToDo-List.
That's why I suggested the encrypted drive and the physical post in the first place. That's something he can arrange right away.
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
And I did put a joke marker on my first post about X.400 
|
|
|
|
|
But not in the second one  
Not that I realized the first one  
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
What about asking the customer to confirm they received the delivery?
|
|
|
|
|
Whatever delivery , its encrypted with password. Once they download or get it, they need to contact us for Key.
cheers,
Super
------------------------------------------
Too much of good is bad,mix some evil in it
|
|
|
|
|
Hi Joan,
I would probably use one of two options:
1) A large file email service. MailBigFile.com has a free service for up to 2GB which can be used commercially. You can upload and protect the files, they get loaded onto a server and the recipient is emailed to allow them to download. You get email confirmations throughout, so when the upload finishes, when the recipient starts the download, and when the recipient completes the download.
There are other similar services available, but that is the one I tend to use. There is a pro version for £19 per year that lets you send bigger files and leave the files on the server for longer etc.
2) Log in remotely with TeamViewer and depending on file size either copy and paste directly into the machine or use the built in File Transfer functionality. There is a free version but it is limited to non-commercial usage and you would need it on both machines, but the user can install into memory for a one-off and allow you to have access. They cannot deny receiving it if you put it directly onto their machine!
I use the Professional version commercially to provide remote support and file transfer, and whilst it is not cheap, but it is a very good product. Again there are other similar products available including free ones but I prefer the higher security and better functionality of TeamViewer.
Either solution should provide all you have requested with ease, and both are free if you are doing open source or volunteer work.
Chris Bray
|
|
|
|
|
Well, as you're the developer, you can build in to the opening screen (i.e., make it the opening screen) a path that does not let them actually run the application until they click some sort of accept delivery button. A little more sophistication is to return a key that either they need to enter themselves or is stored by you (if an .exe, for example, you have the power!).
I used a similar scheme, many years ago, to enable software extensions to a product. The product had an authorization dongle but that didn't take care of add-ons. To get an authorization code, the user was given a key (actually just encrypted date-time for that moment) and this was combined with a unique value from the device (like cpu serial number) to generate a counter key. That got them authorized "forever" and never bothered them again.
Unless the users are clever hackers and your software is of wide interest to the masses, you can create any sort of scheme that forces the user to acknowledge having the software in order to use it. If you charge per-cpu, then you need to key each to the machine, otherwise it's rather simple
| Ravings en masse^ |
|---|
| "The difference between genius and stupidity is that genius has its limits." - Albert Einstein | | "If you are searching for perfection in others, then you seek disappointment. If you seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010 |
|
|
|
|
|
Joan M wrote: Finished one project, completely buried in work, my customer asked me to send him the project using WeTransfer.
I'd like to receive a confirmation of reception.
I have no idea who they are, but are you saying a company offering a service called "WeTransfer" doesn't have the means to provide confirmation of reception...? That seems like...a basic feature for any system offering, y'know, any sort of transfer.
|
|
|
|
|
Place the file in S3 and then restrict the access to a certain Token.
Create a simple app in Angular that retrieves the file using the token.
Given them the Token.
Check the access log.
This will take you take some time but you can leverage this method from this day forward.
|
|
|
|
|
WeTransfer sends you an email when the recipient downloads your file.
Although I rely on that daily in business, I doubt the email would prove anything in court, if things come down to that.
Hope this helps.
|
|
|
|
|
Based on some sensitivity concerns one of our tables IPAddressWhiteList is being renamed to IPAddressAllowList. At first I was offended, but then I came to realize that such a change is something that is beyond my ability to comprehend. I don't have to understand; and I don't have to care - so call it whatever you want.
In order to participate in the zeitgeist I did put in the suggestion that we rename our All_Irishmen_Are_Pathetic_Drunks table, tho.
I'll let you know what happens.
|
|
|
|
|
|
Things are only going to get worse with this white/black crap.
Pretty soon, they will get rid of the color black and white, and change it to something else.
|
|
|
|
|
Crayons will be the first to change. For the larger boxes with "stadium seating," those colors that get the top seats will be considered superior. 
"One man's wage rise is another man's price increase." - Harold Wilson
"Fireproof doesn't mean the fire will never come. It means when the fire comes that you will be able to withstand it." - Michael Simmons
"You can easily judge the character of a man by how he treats those who can do nothing for him." - James D. Miles
|
|
|
|
|
That's going to make pedestrian crossings difficult to use ...
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
The mobs running around US cities aren't using the crosswalks anyway.
|
|
|
|
|
As well as Black & White movies. They might be colorized and referred as films of color.
|
|
|
|
|
Slacker007 wrote: Pretty soon, they will get rid of the color black and white, and change it to something else.
I have a very hard time falling asleep when it's bright and sunny out, so I dread the time when nights are no longer allowed to be "dark" because that's offensive to someone.
|
|
|
|
|
The old classic:
Why did God create whiskey?
So the Irish wouldn't rule the world.
|
|
|
|
|
Gah! People are idiots who don't know where their idioms come from.
Black hats and White hats stem from black and white western movies, the villains always wore black hats and the heroes always wore white hats so you could tell who was who. Nothing to do with race, everything to do with film.
|
|
|
|
|
Slight diversion of thread:
Paladin wore a black hat (Have Gun - Will Travel)
OK - not good enough?
The goodest guy: Hopalong Cassidy - who dressed completely in black. Must have been pretty damn darn hot in that outfit (Hoppy would never say the "D" word !). What makes it still a decent show is that he solved problems with his brains - even though good with a gun.
What's really cool about the old-time movies (serials) is that after a fight they'd not have any black-and-blue marks, typically their hat was never knocked off, and surprisingly often, their suit wasn't even dirty!
| Ravings en masse^ |
|---|
| "The difference between genius and stupidity is that genius has its limits." - Albert Einstein | | "If you are searching for perfection in others, then you seek disappointment. If you seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010 |
|
|
|
|
|
General 
News 
Suggestion 
Question 
Bug 
Answer 
Joke 
Praise 
Rant 
Admin 
Submit an article or tip
