Re: The 'failure' of SMTP RE: DNS Choices: Was: [ietf-dkim] Re: Last Call: 'DomainKeys
Paul Robinson wrote: This is not an economic battle. People think it is, because they see the motive behind spam as profit, and if you make spam expensive enough the battle will be won, but it will always be possible for them to make it cheap enough somehow. soapbox It's clear that profit is, in fact, the motive behind a great deal of spam. This, however, does not mean that imposing some sort of entrance fee will fix anything. Artificial fees creates their own set of problems. The paper postal service has none of the accountability that folks are calling for, for email. Yet we seem to find the degree of spamming in postal mail tolerable. It's entrance fee (the stamp) is for a cost of service and clearly creates a barrier to some degree of spamming. However I suspect that it is the infrequent delivery and pickup that make it tolerable. (In the U.S., bulk mailers gets lower rates and provide the Postal Service with the bulk (yeah, pun) of its revenue. The fact postal mail is delivered roughly once a day and that is is easy to separate real mail from most postal spam marginalizes the hassle. So, email represents a number of very different characteristics. Bad Actors are always good at exploiting weaknesses. Like postal mail, email is entirely open. Anyone can post a message, with no accountability. (By the way, the same is true for the telephone service.) Unlike postal mail, the incremental cost is essentially nil. A reflex to fix things by imposing a fee ignores the wider range of communication roles that email serves over postal. The fight against spam will be won when we take the collective intelligence that we have about architecture, protocols, technology, human factors, how and why bayesian works and where it fails, how and why spamhaus et al work and where they fail, etc. and put all of that into finding a way forward to tweaking SPF, DKIM, and other hacks around DNS and ALSO formalise efforts to track and kill spambots. Nicely, said, except for the idea that this is something that can be won. We haven't eliminated crime or disease and spam is more like those than anything else. The best we can reasonably hope for is bringing it down to tolerable levels. And the difference between expecting elimination versus reduction to tolerable levels leads to very different approaches. We can fix this without going around in circles as before. Accountability is one piece that might do a lot. It won't fix everything though. It's just too easy to break, and too easy to ignore. Careful and incremental use of validated accountability is a promising area. It has significant deployment experience that encourages further use. We are now pursuing much greater deployment of standardized mechanism. Exactly how it will get used and exactly how much benefit it will provide is a matter to be explored over the next few years. Incremental development of spheres of trust looks particularly appealing, because it looks reasonable to seeks environments in which there are essentially essentially spam free, without placing restrictions on the retained -- and necessary -- open world. /soapbox d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net ___ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
Re: Something better than DNS?
John Levine wrote: ICANN has not to date dealt very effectively with these issues, but they are real issues that will have a great effect on people who use the DNS every day, and they're not technical issues, since all of the alternatives are equally feasible technically. At its base, IDN is a technical matter. That is the realm of the IETF, not ICANN. ICANN can deploy and administer solutions developed in the IETF, but it cannot create them. That's not its job and it's not its skillset. IDN has undergone protracted IETF work, with problematic results. Unfortunately, moving from trivial net-ASCII to something that supports the global range of characters, such as Unicode, has been received sustained effort for 10-15 years on the Internet, with modest results So before we assert that one organization, or another, has not dealt effectively with these issues, we need to acknowledge that these issues have proved remarkably difficult for *anyone* to deal with effectively, at the scale and complexity of the Internet. This is not to suggest that efforts cease, but merely that we accept the extensive, diligent effort by bright people has yet to succeed in converting the net to solutions of these issues. That means that it will be more productive to focus on understanding and dealing with the technical, administrative, operations and human factors difficulties in solving the problems, than in declaring any particular organization deficient. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net ___ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
Re: Something better than DNS?
ICANN has not to date dealt very effectively with these issues, but they are real issues that will have a great effect on people who use the DNS every day, and they're not technical issues, since all of the alternatives are equally feasible technically. At its base, IDN is a technical matter. That is the realm of the IETF, not ICANN. ICANN can deploy and administer solutions developed in the IETF, but it cannot create them. That's not its job and it's not its skillset. There are both technical issues and non-technical issues. The technical issues of mapping Unicode to DNS are indeed the IETF's problem. But assuming we solve that, there's considerably more to deploying IDNs. For example, what homograph rules apply to what domains? Are the rules per-TLD or some other granularity? What are the appropriate rules for GTLDs, since they don't have a native language other than the de-facto English? If there are new TLDs with translations of existing TLD names. e.g., business in Arabic and Chinese, are these aliases for .COM or .BIZ, or are they different? If people have registered ASCII approximations of names, e.g., letters without diacriticals, do they get first crack at the correctly spelled IDN with the diacriticals? Regards, John Levine, [EMAIL PROTECTED], Primary Perpetrator of The Internet for Dummies, Information Superhighwayman wanna-be, http://johnlevine.com, Mayor I dropped the toothpaste, said Tom, crestfallenly. ___ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
Re: Something better than DNS?
-- Dave Crocker Brandenburg InternetWorking bbiw.net John L wrote: At its base, IDN is a technical matter. That is the realm of the IETF, not ICANN. ICANN can deploy and administer solutions developed in the IETF, but it cannot create them. That's not its job and it's not its skillset. There are both technical issues and non-technical issues. The technical issues of mapping Unicode to DNS are indeed the IETF's problem. But assuming we solve that, there's considerably more to deploying IDNs. So, it's probably good that I (later) noted technical, administrative, operations and human factors difficulties... The point I am trying to make is that the sorts of issues that ICANN can reasonably be expected to deal with are typically the sort that come *after* having a viable technical solution. There seems to be some continuing, serious questions about whether that solution yet exists. Homographic mappings are an example of just how difficult the topic is. I am pretty sure that that is something for the IETF and not ICANN. At least, I *hope* it is. Still, it's true that any topic can be politicized, even technical ones. For example, what homograph rules apply to what domains? Are the rules per-TLD or some other granularity? What are the appropriate rules for GTLDs, since they don't have a native language other than the de-facto English? If there are new TLDs with translations of existing TLD names. e.g., business in Arabic and Chinese, are these aliases for .COM or .BIZ, or are they different? If people have registered ASCII approximations of names, e.g., letters without diacriticals, do they get first crack at the correctly spelled IDN with the diacriticals? Every time that ICANN has attempted to dabble in the arena of name conflicts, of the type that exist outside the Internet and in the realm of confusion, it has invited more controversy and less solution than most folks desire. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net ___ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
Re: Something better than DNS?
John L wrote: There are both technical issues and non-technical issues. [...] BTW, I liked your travel-sitefinder statement on behalf of ALAC. Frank ___ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
