Remote email access

Tue Feb 4 16:24:58 UTC 2003

From: "Dave Crocker"

>
> A flag day is not possible for changing the infrastructure of any
> network operation that is large.  Even when there is a single authority,
> service operators cannot perform a conversion "instantly".
>
That is true. However, there comes a day when enough people are implementing
a technology that one can make the decision to flip the switch on their
network. While there is no single authority, I'd be happy with a US and
European based authorities for their respective companies. This would allow
for monitoring and filtering of a large portion of netspace. I'd even be
happy if whois data was enforced to be accurate again. 555-5555 is not a
valid phone number the last time I checked yet it's listed all over whois
information. Not all ISPs are being forced to handle their IP allocation
records properly, and the ISP doesn't take responsibility for the complaints
and issues. Perhaps a little more policing and withdraws from our various
registrars would at least help make things more manageable. When does a /18
that has client entities on it still maintain only the initial ARIN whois
data.

> ps.  Please note that there is still no large-scale use of certificates,
> although the technology for them has existed for years.  Therefore it is
> important to be very conservative, when specifying a system behavior
> that depends upon their use.

MTA certificates are unreliable in a "I do not trust this organization"
setup at this time. If they were reliable in such a setup, people would
adopt them more readily. The reason why there is identity theft is because
we don't enforce identities on the network. Do you have to send in business
letterhead or proof of incorporation when registering many of the
"identities" available? No one wants the responsibility, and until we build
the social structure into the technical structure, we will always find our
network abused.

-Jack