[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Asrg] SMTP over SSL

To: "Hallam-Baker, Phillip" <pbaker@verisign.com>
Subject: RE: [Asrg] SMTP over SSL
From: william@elan.net
Date: Wed, 2 Apr 2003 11:40:29 -0800 (PST)
Cc: "'Eric S. Imsand'" <eimsandasrg@charter.net>, <asrg@ietf.org>
In-reply-to: <CE541259607DE94CA2A23816FB49F4A301AE2235@vhqpostal6.verisign.com>
List-archive: <https://www1.ietf.org/pipermail/asrg/>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=unsubscribe>
Sender: asrg-admin@ietf.org

Is there a webpage for JamSpam meeting or list of presentations or notes 
on what was discussed?

On Wed, 2 Apr 2003, Hallam-Baker, Phillip wrote:

>  
> 
> ----- Bob
> I find it hard to believe that if you told the administrators for Hotmail,
> Yahoo, AOL, Earthlink, etc., that you had  a way to decrease the amount of
> e-mail arriving on their network by ~50%, they wouldn't soil themselves with
> excitement?
>  
> 
> At the JamSpam meeting there was a lot of interest from the representatives
> of these companies in developing some form of open authentication mechanism.
>  
> The problem here is that you can't just put those folk in a room and have
> them talk about their business. That would be what lawyers call a PROBLEM.
> 
> Additionally, I don't think I have the same view of liability that everyone
> else does.  The reason that I'm such a big advocate of a certificate based
> system, similar to SSL, is that the certificates can be revoked.  Instead of
> asking networks to pay huge sums of money to other people, why not charge
> them a very large amount of money to get their certificate back (such as
> $10,000).  Anyone who accidentally got the certificate revoked could get it
> back, but it would cause them sufficient pain to ensure that they correct
> their practices.  Also, you make the cost of  spamming much higher...
> everyone who deals with spammers will charge them at least as much money as
> required to get their certificate back once it's revoked.
> 
> Eric
>  
> 
> There are a lot of strategies that can be employed. Including having a
> rating service rather than a revocation service. There is no reason for the
> CA to have to run the rating service, it could be an independent entity. It
> does not have to be black/white listing, it could be a 5 point scale of
> spamminess coupled with a 'member since' indicator.
>  
>         Phill

_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

References:
- RE: [Asrg] SMTP over SSL
  - From: Hallam-Baker, Phillip

Prev by Date: RE: [Asrg] email pull (was RE: Authentication )
Next by Date: Re: [Asrg] SMTP over SSL
Previous by thread: RE: [Asrg] SMTP over SSL
Next by thread: Re: [Asrg] SMTP over SSL
Index(es):
- Date
- Thread