What I proposed wouldn't have any "central authority controlling
the flow of email".  No more than the "central authority" of DNS
or RBLs do so now.  You would be free to not require it, to use
a different server, or even to run your own.  If your point is
distrust of a single system, that can dealt with.

(There would, by the way, be no "central key *issuers*", though
that's a minor point.  You could, and would, issue your own
key.  But most people would probably not get it from you directly;
they could, however, if they so desired, and if you offered it
in some way for direct consumption.)

You would, however, have to decide which (if any) servers to trust
when you (re)configured your mailserver.  (The server(s) from which
to get a key could be listed with the signature.)

Ah well.  The idea has been floated.  (^&


Re. your scheme: For the average user, if you can tell spam from
non-spam by the headers (I almost always can), you haven't actually
made their lives any easier---and in fact, by forcing them to take
an extra, manual step to get their real email, you've made their
lives a little harder.

For people who must read entire mail bodies, you haven't saved even
bandwidth.  Nor for those who are unable to tell a particular spam
based on its headers.

My feeling is that the cost of bandwidth for spam is presently
lower than the cost of people-time, so I'm interested in schemes
that reduce the work that people have to do to get around spam.
(This balance may be different for you, for a number of reasons.)


A basic problem with SMTP, which both of our schemes attack in
some degree, is one of default acceptance.  But it is difficult
to counter that while allowing people that you don't personally
know to contact you out of the blue.


-- 
  "I probably don't know what I'm talking about."  http://www.olib.org/~rkr/