[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] A question on trust and trust propagation.

To: "Jon Kyme" <jrk at merseymail.com>, "ASRG" <asrg at ietf.org>
Subject: Re: [Asrg] A question on trust and trust propagation.
From: "Alex Bobotek" <abobotek at bobotek.net>
Date: Mon, 7 Mar 2005 11:03:14 -0800
List-archive: <http://www1.ietf.org/pipermail/asrg>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
Sender: asrg-bounces at ietf.org
Thread-index: AcUjPo7MveZugxASTg2rO1/Li1kAtAAA5XCA
Thread-topic: Re: [Asrg] A question on trust and trust propagation.

A general reputation framework should be able to make assertions
about any source identity, and especially identities that can be
verified.  This includes:

	IP
	"Mail From" address
	Source domain
	DomainKeys' [selector.]domain space
	PRA

Regards,

Alex Bobotek


> -----Original Message-----
> From: asrg-bounces at ietf.org [mailto:asrg-bounces at ietf.org] On Behalf
Of
> Jon Kyme
> Sent: Monday, March 07, 2005 9:48 AM
> To: ASRG
> Subject: SPAMWARNING Re: [Asrg] A question on trust and trust
propagation.
> 
> >
> > Maybe the information should not be a binary black/white, but a
> > probability/confidence value? "Mail from that IP is spam with a
> > probability of 99%" or something like that? For most IPs this will
> > usually be close to 0% or 100%, but it should be somewhere in
between
> > if there are too few samples, or if the host is transitioning from
bad
> > to good or vice versa.
> >
> > (I have to look a GOSSiP again - I think that was quite similar)
> >
> 
> 
> You're right, as I remember, Mark Langston's GOSSiP responded to
queries
> with a reputation score (and an associated confidence rating - did
this
> get
> done?).
> 
> 
> > Sender domains/addresses are currently completely useless as
trustable
> > entities.
> 
> On their own, perhaps. GOSSiP proposed a domain / IP duple as the
> reputation identity, by which I guess some of the issues with
> "granularity"
> were (might be) avoided. There were also schemes to amalgamate
entities
> for
> scoring purposes - perhaps by ref. to "authorisation" mechanisms such
as
> SPF.
> 
> Actually, I really liked the ideas behind GOSSiP - particularly the
way
> trust between nodes might be established informally (or not), and then
> modulated dynamically (without human intervention) would have been
neat (I
> don't know how far that got).
> 

_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

Prev by Date: Re: [Asrg] A question on trust and trust propagation.
Next by Date: [Asrg] DNSBL comparison
Previous by thread: Re: [Asrg] A question on trust and trust propagation.
Next by thread: [Asrg] DNSBL comparison
Index(es):
- Date
- Thread