[77072] in North American Network Operators' Group
Re: [eweek article] Window of "anonymity" when domain exists, whois
daemon@ATHENA.MIT.EDU (Owen DeLong)
Wed Jan 12 13:54:10 2005
Date: Wed, 12 Jan 2005 10:53:37 -0800
From: Owen DeLong <owen@delong.com>
To: Michael.Dillon@radianz.com, nanog@merit.edu
In-Reply-To: <OF3AE11260.E60D0D6E-ON80256F87.0058B4E1-80256F87.0058F62E@radianz.com>
Errors-To: owner-nanog-outgoing@merit.edu
--==========E89B4ED8B23BB231C910==========
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
--On Wednesday, January 12, 2005 4:11 PM +0000 Michael.Dillon@radianz.com=20
wrote:
>
>> Right now I have freedom of communication. In your vision I would hand
>> all that over to my ISP for the benefit of giving complete control over
>> who can communicate with me to them.
>
> Perhaps you could explain to me just how you
> currently manage to get port 25 packets delivered
> to your friends without transitting your ISP?
> Or did you just mean "freedom of communication"
> in a rhetorical sense?
>
Yes, my port 25 packets go through my ISP. However, TLS means that none
of the SMTP conversation between my mailserver and my friends mailserver
is visible to my ISP in an unencrypted form. Your system would require
me to expose at least the envelope information to my ISP. Do you see
the difference here?
> And if you will trust an ISP to deliver port 25
> packets then why wouldn't you trust them to
> deliver email messages?
>
I don't trust them to deliver port 25 packets. I expect them to deliver
port 25 packets. Then, I authenticate the system at the other end using
TLS and have an encrypted coversation. My ISP can see that there's
encrypted data going through their network between our servers, but,
they (at least theoretically) can't see what that data is.
Owen
--=20
If it wasn't crypto-signed, it probably didn't come from me.
--==========E89B4ED8B23BB231C910==========
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (Darwin)
iD8DBQFB5XIxn5zKWQ/iqj0RAi/pAJ9hMpENcOwCOrAJNqyPluXJN901kwCeIu8R
osK4ay6CD1vUGgOrLMiHpX4=
=3jYu
-----END PGP SIGNATURE-----
--==========E89B4ED8B23BB231C910==========--
