From: "Hallam-Baker, Phillip" <pbaker at verisign.com>
To: "Tony Finch" <dot at dotat.at>, <Michael.Dillon at btradianz.com>
Cc: ietf at ietf.org
Date: Wed, 22 Nov 2006 10:31:46 -0800
Message-ID: <198A730C2044DE4A96749D13E167AD37E7E733 at MOU1WNEXMB04.vcorp.ad.vrsn.com>
Subject: RE: The 'failure' of SMTP RE: DNS Choices: Was: [ietf-dkim] Re: Last Call: 'DomainKeys

> From: Tony Finch [mailto:dot at dotat.at]
> Usenet did not escape spam. Spammy usenet servers were not
> reliably cut off - certainly the trust relationships between
> server operators did not provide an effective way to stop
> spam. Your last sentence above is the reason why: keeping
> legitimate communication working is more important than the
> inconvenience of spam.

That coupled with the difficulty of separating the legitimate communication from the spam.

In USENET and BGP the trust relationships are only bilateral hop by hop. So I am vulnerable if anyone I connect to either directly or indirectly connects to a spammer.

In other words USENET is a perimeter security model with 100,000 plus independently administered entry points. Is it any wonder that it has essentially collapsed? (My ISP no longer provides NNTP as a base service and this is now the norm.)

There is no accountability.

> You can apply the same logic at the level of BGP routing:
> there are trust relationships between networks, some of which
> are clean and some of which are infested with criminals. The
> latter spoil it for the rest of us but they are still not cut off.

Which is why the first step in securing BGP has to be to provide credentials that allow route advertisements to be tracked to source.

Again, there is no real accountability.

> For a third example of reluctance to punish the innocent,
> look at the hatred directed at DNS blacklists that
> deliberately block people who are unlucky enough to be too
> close in network space to spammers.

The problem there was the blacklists demanded others be held accountable but refused to be held accountable themselves. They would arbitrarily blacklist sites and then refuse to unblock them. Some openly boasted of using 'collateral damage', holding innocent parties hostage as a means of creating leverage to cause an ISP to comply with an arbitrary policy unilaterally set by the blacklister.

This time there was accountability but the system itself was not sustainable because the guardians of accountability were not accountable.

> Given this, your proposed architecture is just as vulnerable
> to botnets as the open SMTP architecture. There are always
> going to be enough admins who don't cut off infected machines
> and who also have enough legitimate customers that their
> upstreams won't cut the whole network off. This will be
> enough to poison the well.

Agreed, unless someone can propose a different architectural principle I see no reason to expect an entirely new Internet architecture to perform any differently than the existing one.

Accountability is a new or at least unachieved architectural principle.

As Dave Crocker points out there is no reason to create a new SMTP (and by extension new DNS, new BGP) unless one has first shown why the new proposal cannot be achieved as an extension or modification of the existing.

_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf
Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.