On 2005-06-11 05:02:12 -0400, der Mouse wrote: > > Finally, C/R systems answer the question "was this mail sent by > > somebody who cares enough about the mail to answer my challenge?" > > which is a stronger version of question 1. > > That's not what C/R systems answer. > > C/R systems answer "has the entity who apparently sent this mail gotten > my challenge and answered it?". "... and did I receive the answer?" Yes. Obviously. I should have phrased that differently: C/R systems are designed to answer the question ... They fall a bit short of their design goal. > This differs from your phrasing in three important ways: (1) the > distinction between the entity which sent the mail and the entity which > apparently sent the mail; I thought about mentioning this explicitely, but didn't: Somebody who forges the sender address is obviously not interested in getting DSNs or challenges. > (2) the assumption, or lack thereof, that challenge-answering, when it > occurs, is based on a level of caring about the mail getting through > (as opposed to, say, a desire to throw a monkey-wrench into the C/R > system - I've heard from people who deliberately answer challenges > resulting from mail they didn't send, to do that); and While I don't doubt that there are people who do that I doubt that there are enough of them to matter. > (3) the realization that a failure to answer may be > because the challenge was not delivered, because its recipient is > unable to answer it (eg, a blind man I know getting a vision-based > challenge), or the answer didn't make it back. There are two subproblems here: 1) The challenge or the response may be lost in transit. True and mostly beyond the influence of the sender. This is where the implementations fall short of the design goal. 2) The ability to answer the challenge. This is mostly a question of effort. A blind man can ask a seeing person for help, if he thinks the message was worth the effort. If I receive a challenge in Tagalog I can hire a translator to translate it (and presumably also my answer). But that would have to be an exceptionally important message (and I probably wouldn't have sent it by mail in the first place). So the degree of caring necessary to answer the challenge will vary wildly between different senders, not only because of different abilities, but also because of different levels of aversion against C/R systems. But the phrase "cares enough to answer" covers that. (Of course that may mean that the design goal wasn't a particularly useful one in the first place) hp -- _ | Peter J. Holzer | Ich sehe nun ein, dass Computer wenig |_|_) | Sysadmin WSR | geeignet sind, um sich was zu merken. | | | hjp at hjp.at | __/ | http://www.hjp.at/ | -- Holger Lembke in dan-am
Attachment:
pgpXpgiDBlIPi.pgp
Description: PGP signature
_______________________________________________ Asrg mailing list Asrg at ietf.org https://www1.ietf.org/mailman/listinfo/asrg