Re: [Asrg] New take on emerging idea. (yet another C-R system?)

["John Fenley" <pontifier@hotmail.com>]

> From: J C Lawrence <claw@kanga.nu>
> If you do it via consent tokens, the user can see all the consent tokens
> he as acquired from others, and the consent tokens he has grated
> others.  He doesn't (necessarily) see how or why those tokens were
> created or exchanged, or what traffic takes advantage of them.
sounds a little messy, and confusing for a new internet user to deal with.


> Note that this process exposes another spam vector.  As systems will
> have to maintain their private lists of consent tokens, then an obvious
> spammer approach is to compromise systems (and subscribe to large
> mailing lists) and collect tuples of address pairs and consent tokens.
> If they can then inject forged mail with the appropriate envelopes and
> tokens they can bypass the system.
Messier, and less secure that temporary whitelisting/choicelisting.

John Fenley

side note:
=====================================================
I have updated my plan to allow notification of delivery failure to list 
managers. This was lacking in the previous version, and I think it nicely 
rounds out the plan.

www.pontifier.com/database.html
www.pontifier.com/challenge.html

_________________________________________________________________
Add photos to your messages with MSN 8. Get 2 months FREE*.  
http://join.msn.com/?page=features/featuredemail

_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg