[eweek article] Window of "anonymity" when domain exists, whois not updated yet

Owen DeLong owen at delong.com
Wed Jan 12 18:35:25 UTC 2005

> I think that a secure email infrastructure is a good
> thing to have, in and of itself. By secure, I mean
> one in which messages get to their destination reliably,
> i.e. not lost in some spam filter, and one in which
> a recipient can reliably know where the message came
> from if they feel the need to track down the sender by
> other means.

And how is it that OpenPGP and S/MIME do not meet these criteria?
Why is it that we also need to break the transport layer to
facilitate what you describe above?

> a protocol change. Forcing people to relay all email
> through their ISP's mail system is an operational change.

Forcing people to relay all email through their ISP's mail system
is a wet dream of anti-free-speech governments, too.
Why should I have to provide non-encrypted information about my
email to my ISP just to get it to my friend's mail server?
Why on earth do you think that is a legitimate operational
change?  Having to route telephone calls through the telephone
company is an unfortunate fact of infrastructure which we don't
currently have with Email.  CALEA is a clear demonstration of
why this is not necessarily a good thing.  Why would you
ever want to consider relegating email to these same restrictions?

> In a sense, I am suggesting a similar reallocation of resources.
> Rather than put those resources into filtering spam, I'd suggest
> that we will get a better result by shifting the resources into
> mail relaying and managing mail peering agreements. The spam will
> continue but users will move to using the secure mail architecture
> and won't see most of it. When the spammers also shift, there will
> be more tools to track them down or shut them down or simply to rate
> limit them.

The problem is that currently, most ISPs don't relay mail for other ISPs.
Currently, you look up the MX and send to the end-system.  What you are
proposing, in order to preserve existing mail connectivity under your new
system, would require EVERY ISP on the planet to MAIL PEER directly with
every other ISP on the planet, OR, a new mail routing protocol with ISPs
providing MAIL RELAY for every transit customer.  UG-LY!!


If it wasn't crypto-signed, it probably didn't come from me.