<<< Date Index >>>     <<< Thread Index >>>

[IP] more on Fighting spam: raise the bridge or lower the water?[risks] Risks Digest 22.92




Delivered-To: dfarber+@xxxxxxxxxxxxxxxxxx
Date: Thu, 09 Oct 2003 01:46:21 -0400
From: Bob Frankston <Bob2-19@xxxxxxxxxxxxxxxxxx>
Subject: RE: [IP] Fighting spam: raise the bridge or lower the water?[risks]
 Risks Digest 22.92
Sender: Bob Frankston <rmfxixB@xxxxxxxxxxxxxxxxxx>
To: dave@xxxxxxxxxx, ip@xxxxxxxxxxxxxx


This is a mild form of what I've been advocating.

It's worth noting that we wouldn't be in such need of a "do not call bill"
if you could indeed use Caller-ID. The problem with the phone network is
that it is not end-to-end and thus you cannot implement caller ID yourself
and thus must rely on the Telco's version which just tells you who pays the
bills.

I've long ago advocated letting the user just send any string. If you get a
phone that supports end-to-end caller-ID signaling then you could start to
require caller-ID. While the PSTN won't be able to do this it is a better
reason to go to VoIP and SIP than just saving money -- it is about saving
time.

Letting people do their own strings, of course, makes spoofing irresistible
though one can treat it as fraud.

To make this effective one would be able to give other's keys (digital, of
course) that give priority access. It's but a short step to the use of
capabilities.

White lists, in themselves, are too easily defeated and don't deal with
creative use of email addresses. Here too you can use an active form of the
white list in terms of a capability token.

The real point is not so much the specific solution as the contrast between
phone system thinking and waiting for the smart middle to save us (or, else
Congress will fix it but good) and the Internet where we need solutions at
the edges. The spam solutions are still too much PSTN-like but I expect
people will learn over time that having a level of indirection can give them
control.

After all, the PSTN itself is becoming IP-based. Just a few leaks between
the PSTN VoIP world and the rest and, well, my current image is of the ice
dam that broke and let the sea in Canada carve out the formations in the US
Northwest during the last ice age.

-----Original Message-----
From: owner-ip@xxxxxxxxxxxxxx [mailto:owner-ip@xxxxxxxxxxxxxx] On Behalf Of
Dave Farber
Sent: Monday, October 06, 2003 21:14
To: ip@xxxxxxxxxxxxxx
Subject: [IP] Fighting spam: raise the bridge or lower the water?[risks]
Risks Digest 22.92



>Date: Mon, 06 Oct 2003 09:46:36 -0700
>From: "NewsScan" <newsscan@xxxxxxxxxxxx>
>Subject: Fighting spam: raise the bridge or lower the water?
>
>Many software experts now believe that the best way to fight spam is not by
>targeting it directly but instead by concentrating on the identification of
>legitimate mail.  VeriSign executive Nico Popp explains, "People have been
>spending all their time creating filters to find the bad guys.  We want to
>turn that on its head and find ways to identify the good guys and let them
>in."  The idea would be to develop the Internet equivalent of caller ID,
>with a technology that identifies senders and lets receivers presume that
>unidentified senders are sending junk mail.  Richard Reichgut of
>AuthentiDate says, "It's not easy to change something as successful and
>widely used as e-mail.  But the only way to fix e-mail is to have a strong
>way to know who is sending you mail."  [*The New York Times*, 6 Oct 2003;
>NewsScan Daily, 6 Oct 2003]
>   http://partners.nytimes.com/2003/10/06/technology/06SPAM.html
>
>   [Once again, see Lauren Weinstein's Tripoli proposal --
>     http://www.pfir.org/tripoli-overview
>   -- which is a sensible approach to giving users control over how to
>   confront the e-mail dilemma.  BEWARE of ceding this authority to ISPs!
>   PGN]
>
>   [Also, see "Four Internet pioneers discuss the sorry state of online
>   communication today. The consensus: It's a real mess." by
>   Katharine Mieszkowski, Salon.com:
>     http://www.salon.com/tech/feature/2003/10/02/e_mail/
>   She quotes Dave Farber, Dave Crocker, Brad Templeton, and Jakob Nielsen.
>   PGN]

-------------------------------------
You are subscribed as BobIP@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
  http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/


-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/