[51940] in North American Network Operators' Group
Re: How do you stop outgoing spam?
daemon@ATHENA.MIT.EDU (Vadim Antonov)
Tue Sep 10 16:35:20 2002
Date: Tue, 10 Sep 2002 13:33:13 -0700 (PDT)
From: Vadim Antonov <avg@exigengroup.com>
To: Iljitsch van Beijnum <iljitsch@muada.com>
Cc: <nanog@merit.edu>
In-Reply-To: <20020910190949.N24761-100000@sequoia.muada.com>
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, 10 Sep 2002, Iljitsch van Beijnum wrote:
> Or we throw out SMTP and adopt a mail protocol that requires the sender to
> provide some credentials that can't be faked. Then known spammers are easy
> to blacklist.
The "credentials that can't be faked" is a rather hard to implement
concept. Simply because there's no way to impose a single authority on
the entire world. The question is whom to trust to certify the sender's
authenticity? I have correspondents in parts of the world where I'd be
very reluctant to trust "proper" authorities. I'd be so very easy to
silence anyone by _not_ issuing credentials.
Besides, anonymous communication has its merits. So what's needed is
zero-knowledge authentication and Web-of-trust model. And don't forget
key revocation and detection of fake identity factories. Messy, messy,
messy.
--vadim
