shogunx wrote:
On Wed, 23 Jun 2004, Iljitsch van Beijnum wrote:
On 23-jun-04, at 3:54, Ed Gerck wrote:
Of course, I still believe that insisting in only using the email
for communications and screaming bloody murder when it does not
work for some reason, at some time, is very un-Internet
to save trees, please read my past messages here, the answers are there.
Thanks.
shogunx wrote:
On Sat, 26 Jun 2004, Ed Gerck wrote:
shogunx wrote:
On Wed, 23 Jun 2004, Iljitsch van Beijnum wrote:
On 23-jun-04, at 3:54, Ed Gerck wrote:
Of course, I still believe that insisting in only using
Bill Sommerfeld wrote:
Ed Gerck wrote:
What I suggested is a web interface to the IETF mailboxes, such that
any routing problems TO those mailboxes would cease to be an issue,
allowing the IETF to be in FULL CONTROL of what is forwared to a
mailbox, or not.
How is this compatible with the IETF
Bill Sommerfeld wrote:
The server can filter as the IETF wishes (or dare) but there would be no
problems with black-lists and mail routing affecting the message being
RECEIVED by the IETF -- which is the point in question.
If a message is blocked by a filter without making a sound, is it
Bill Sommerfeld wrote:
The solution to this self-limitation problem [1], if the Internet MUST be
the only communication path used by someone, is to use IETF web forms
that go directly to the server.
It's not a solution. For one, spammers, not content to ruin email,
have been abusing web forms
.
Cheers,
Ed Gerck
[1] If someone wants to only use email for communication, this means
that email will be his single point of failure in communication.
Even if it's an ietf.org email. And, one may ask, what's wrong with
using a postal address if email fails? After all, IETF IDs and RFCs
include
that there are no technical
solutions for spam strikes me as irrelevant. We all work with
and improves things that will never be 100% effective. The good
part of this is that we shan't run out of work ;-)
If you don't agree with any of the above, pls email me in PVT.
Cheers,
Ed Gerck
Dean Anderson wrote
there
will be no communication possible. Why should it be different
with email addresses?
Cheers,
Ed Gerck
Dean Anderson wrote:
On Tue, 16 Mar 2004, Ed Gerck wrote:
Dean Anderson wrote:
On Tue, 16 Mar 2004, Ed Gerck wrote:
What information theory says is that the probability of detecting
spam is less than 100%.
No, information theory doesn't say that at all.
Sure
when you're sending email, even though it should still
be easy to set [EMAIL PROTECTED] as your address in your MUA.
Cheers,
Ed Gerck
to the software.
Cheers,
Ed Gerck
Dean Anderson wrote:
On Tue, 16 Mar 2004, Ed Gerck wrote:
For example, saying that you're [EMAIL PROTECTED] should not be so
easy to do when you're sending email, even though it should still
be easy to set [EMAIL PROTECTED] as your address in your MUA.
The From: address is just
Dean Anderson wrote:
On Tue, 16 Mar 2004, Ed Gerck wrote:
What information theory says is that the probability of detecting
spam is less than 100%.
No, information theory doesn't say that at all.
Sure it says, and that's why a spam filter will never be 100%
effective. I guess we agreed
definition
betwen machines as we use for millenia between humans. Why? So that
machines could use well-developed, real-world, tested notions of
trust -- and be thus useful as our agents.
This answers the rest of your email. Are you paying attention? ;-)
Cheers,
Ed Gerck
PS: BTW, take a look at a work
not keep the old design if we can get back to the old assumption?
Comments inlined.
Yakov Shafranovich wrote:
Ed Gerck wrote:
The *possibility* of spam is due to an Internet design based on an
honor system for the end points. The model being that the connection
was less trusted than
? The consequences are not
technical. In addition, they would need to be arbitrated and we know how
long, ineffective and expensive that can be.
It is fun,
easy to do, shows fast results, and is proven by thousands of years
of experience.
???
Cheers,
Ed Gerck
Dr. Jeffrey Race wrote:
On Mon, 15 Mar 2004 18:12:22 -0800, Ed Gerck wrote:
BTW, how can we talk about actions that have consequences in terms of a
technical solution that the IETF can pursue?
The whole point is there are NO TECHNICAL SOLUTIONS and never will be.
(There are some
.
This is good but can I motion that we now move to the second stage
of problem solving?
Cheers,
Ed Gerck
grenville armitage wrote:
Many moons ago Ed Gerck wrote:
If someone sends me a message asking for my comment
because they read some other comment I wrote, do I really
care who that someone is... or who they know?
You yourself have identified the criteria 'they read some other
, do I really
care who that someone is... or who they know? No, in fact I
am delighted if the question comes from a complete stranger
with no connection to me, my friends or his friends.
I think we need to be more careful in breaking email more
than what it is already.
Cheers,
Ed Gerck
grenville armitage wrote:
Ed Gerck wrote:
Paul Vixie wrote:
i don't care who you are but i do care who you know.
[..]
If someone sends me a message asking for my comment
because they read some other comment I wrote, do I really
care who that someone is... or who
as might be
necessary to be an effective deterrent to abuse by strangers.
Cheers,
Ed Gerck
freely accept email
from strangers. We need to provide mechanisms (plural) for
selectively locking the input.
Comments?
Cheers,
Ed Gerck
Vernon Schryver wrote:
If the envelope sender was forged as is common in spam, universal in
worms, and practically nonexistent in legitimate mail, then your bounce
will afflict third party's mailbox. My mailbox receives enough worm
bounces to make me say it is an awfully bad thing.
Yes.
Vernon Schryver wrote:
If a complete stranger is the sender of an incoming message, then
crypto keys are irrelevant to determining the message is unsolicited
bulk.
No. In PGP, for example, I accept a key based on who signed it and
when. If I can trust the signer(s), I may use a key from
Vernon Schryver wrote:
From: Ed Gerck [EMAIL PROTECTED]
If a complete stranger is the sender of an incoming message, then
crypto keys are irrelevant to determining the message is unsolicited
bulk.
No. In PGP, for example, I accept a key based on who signed it and
when. If I
in place
a better system just like the postal mail had to do, laws notwithstanding.
Cheers,
Ed Gerck
Robert G. Brown wrote:
On Sun, 15 Feb 2004, Ed Gerck wrote:
We can't lock the
spammers' doors everywhere, we have to lock our door at our house.
No, what we can do is the same thing we do with our real mail box. Make
it illegal to send certain classes of mail, for example letter
Robert G. Brown wrote:
a) All hosts must resolve with DNS.
If you list why this isn't used today perhaps you
will change must to may.
b) All hosts must support an encryption key registered with DNS that
permits all message hops to occur between registered hosts encrypted
with the
Robert G. Brown wrote:
a) All hosts must resolve with DNS.
If you list why this isn't used today perhaps you
will change must to may.
b) All hosts must support an encryption key registered with DNS that
permits all message hops to occur between registered hosts encrypted
with the
Dean Anderson wrote:
It isn't the case that the spammer
intended to send a message about the superbowl, but somehow noise
altered the message to a solicitation on viagra. Rather, they intended to
send a message on viagra, and you recieved their message, noise free.
But seeing the
Ed Gerck wrote:
Dean Anderson wrote:
It isn't the case that the spammer
intended to send a message about the superbowl, but somehow noise
altered the message to a solicitation on viagra. Rather, they intended to
send a message on viagra, and you recieved their message, noise free
[resending due to formatting error in previous msg]
Dean Anderson wrote:
It isn't the case that the spammer
intended to send a message about the superbowl, but somehow noise
altered the message to a solicitation on viagra. Rather, they intended to
send a message on viagra, and you recieved
Robert G. Brown wrote:
Currently, email addresses are relatively simple objects and as such
are easy enough to remember (for humans) and communicate (for humans).
You propose to make an address a complex object: the simple address
plus kilobyte-sized blocks of text or binary data such as:
Dean Anderson wrote:
On Thu, 12 Feb 2004, Ed Gerck wrote:
You can't make it more expensive without shooting yourself in the foot.
In information theory-speak, you can't prevent a covert channel** unless
you have no channel at all.
By the addition of a correction channel
for
their communication and that's why current postcard email should
be preserved in any proposal to make email private.
Cheers,
Ed Gerck
Dean Anderson wrote:
Then using the IETF list as an example, you would need the entire list of
recipients and their public keys, and you would need to send a message
either directly to each of them, one by one, or send a single message with
a session key for each recipient (thousands). This
Franck Martin wrote:
I see however the signing of e-mail,
to provide traceability, so people can be located.
I can locate all the fax spammers that fill my machine with garbage, I
can
call them and ask to be taken out of their lists, and they just keep
on morphing,
where my fax number goes like
, with multiple channels of information. The idea is that when trust develops
between machines, or machines and humans, we should essentially have
the same model as when trust develops between humans. In short, if we want
trust to be a bridge between these worlds, we need a common model.
Cheers,
Ed Gerck
[1
, are small PKIs using the DNS as a directory. These PKIs do
not need to interoperate and so they will be useful. But one will not
see a single PKI that issues certs for all the DNS space. For that we
would need a different beast.
Cheers,
Ed Gerck
PS: IMO the PKI market has been grossly
market that does not justify all the bloated
expectations around it. It simply does not size up.
Cheers,
Ed Gerck
Eric Rescorla wrote:
Ed Gerck [EMAIL PROTECTED] writes:
PS: IMO the PKI market has been grossly exaggerated. There are only
30,000 servers worldwide that can do SSL -- which
.
OTOH, it is a problem if you want to talk outside of your gopher hole ;-)
Ed Gerck wrote:
The fundamental problem is that the PKI architecture cannot
directly provide mutiple root functionality. You need to overlay bridge
CAs and other artifacts in order to create the paths. Now, imagine
, until We decide to revoke them but maybe not both.
For a user's view, check http://www.mcg.org.br/x509cert.htm
Cheers,
Ed Gerck
we certify that this key was supplied by a party who gave us money
in exchange for our assigning domain name x.y to it. we have no
idea who that party really
Ari Ollikainen wrote:
At 6:53 PM -0800 1/23/02, Ed Gerck wrote:
In addition, within the last ten years the Internet has changed radically
from a centrally controlled network to a network of networks -- with no
control point whatsoever. There is, thus, further reason to doubt
without
re-introducing control or fear of.
Since the cat can, and indeed may, go back to the
bag in this case, it seems to be in our best interest
to find ways to induce trust without recourse to
control (or fear of) as the only solution.
Cheers,
Ed Gerck
NCL communications are under the exclusive responsability of their
own authors, both to post AND delete, the authors are thereby encouraged to be
responsible ... or else. For additional details, see the posting below.
Comments?
Cheers,
Ed Gerck
--On Thursday, 24 January, 2002 04:51 -0800 Ed
expands to more than 60%
US houselholds served and brings in new users who
are utterly clueless. IMO, the solution is to learn how to
trust that which we cannot control. To some this may
sound even sacrilegious, but life is no different ;-)
Cheers,
Ed Gerck
Bill Manning wrote:
BITnet played
disagree with in my pragraph below? Please, excuse
my lack of understanding.
Cheers,
Ed Gerck
Dave Crocker wrote:
At 11:55 AM 1/24/2002 -0800, Ed Gerck wrote:
Even though it was so gradual that it was almost
unnoticeable, the transformation from a centrally controlled
network to a true
tenaciously promoting.
no, it doesn't follow. it follows only that Ed has failed to demonstrate
the problem.
And so that we might all agree, what would that problem be?
Cheers,
Ed Gerck
??
Cheers,
Ed Gerck
ten years ago will work today in the same
way.
Cheers,
Ed Gerck
years ago. Ten years ago it was not even really an internet,
it was more like a network -- with a central control point.
Cheers,
Ed Gerck
Gary E. Miller wrote:
Yo All!
Well Al Gore invented the internet in the early '80s, and the internet
penetration was not 60% by the early '90s, SO I
comments from anyone who
would like to co-author an ID on this topic. I already got some 30-year
experience feedback that could be useful ;-)
Cheers,
Ed Gerck
On Wed, 23 Jan 2002, Ed Gerck wrote:
The Internet broke the 60 percent penetration barrier in the U.S. faster
than any other medium
by association ;-)
Cheers,
Ed Gerck
need for address translation.
Nothing else, and nothing more, was claimed.
Cheers,
Ed Gerck
Steve Deering wrote:
At 8:12 AM -0800 2/16/01, Ed Gerck wrote:
1. there is a natural need for heterogeneous address systems and,
Agreed.
2. therefore, there is a natural need for address translation.
Only if there's some need to interconnect them, and even then only as
a temporary
"Steven M. Bellovin" wrote:
In message [EMAIL PROTECTED], Ed Gerck writes:
Actually, in the UK you can do just what you wish ;-)
You give a name to your house (say, "The Tulip") and
the post office knows where The Tulip is. If you move,
you can do the same
Steve Deering wrote:
At 3:41 PM -0800 2/15/01, Ed Gerck wrote:
You give a name to your house (say, "The Tulip") and
the post office knows where The Tulip is. If you move,
you can do the same at your new location, provided
there is no conflict.
...Note that this is
"Steven M. Bellovin" wrote:
In message [EMAIL PROTECTED], Ed Gerck writes:
"Steven M. Bellovin" wrote:
In message [EMAIL PROTECTED], Ed Gerck writes:
Actually, in the UK you can do just what you wish ;-)
You give a name to your house (say, "The Tuli
Steve Deering wrote:
At 6:21 PM -0800 2/15/01, Ed Gerck wrote:
...
In Internet NAT terms, "The Tulip" is the globally routable IP number for
my DSL, the post office is my NAT box and the physical address
"545 Abbey St." is the local, non-routable IP number of my
sign. Thus, we need to be able to cope with
diversity, not try to iron it out. The NAT ugly duckling, the misfit to some, may well
be a harbinger.
Cheers,
Ed Gerck
than following the "let a thousand standards bloom" dictum, I think
that NATs (and similar approaches) are actually a way to provide for interoperation
and reduce heterogeneity -- and its effect, which is isolation.
Cheers,
Ed Gerck
is the other side of
Ockham's razor, when all possibilities are tried in order to find the best one,
not just the simplest one.
Cheers,
Ed Gerck
Bob Braden
with Noel's solution that a NAT-haters list might be in order.
Maybe you could call it NAT-not list, to avoid the "hate". Meanwhile, the
rest of the world would continue to pursue ways to deal with the real-world
needs answered by NATs (and things to come).
Cheers,
Ed Gerck
e a homogenous network, it can be a heteregenous
network with IPv4/NAT/IPv6. Since a heterogeneous network can use local
solutions for local problems, I believe Internet users will continue to prefer
local flexibility.
Comments?
Cheers,
Ed Gerck
t be built-in into the entire system
from voter registration to ballot reporting by means of closed
loops of trust (not to be confused with closed loops of
authorization).
Cheers,
Ed Gerck
usion from such
soundbytes.
Cheers,
Ed Gerck
"Steven M. Bellovin" wrote:
In message [EMAIL PROTECTED], Ed Gerck writes:
Bugs, however, can be either fixed or avoided.
This is the fundamental point where we differ -- the former is
difficult and itself bug-prone, and the latter is impossible in a
system of any real
, then I think
that calcite and rhyolite must not be not all that we can get ;-)
Cheers,
Ed Gerck
"Steven M. Bellovin" wrote:
In message [EMAIL PROTECTED], Ed Gerck writes:
Handling bugs is the major problem IMO (looks like we also agree here)
after DDoS, privacy, security, integrity, etc are handled (which are
not a small task, either). But this might not be so hard after
atent". I think we
have a fair proposal for it, which we call FREE patent, and is much the
same as FREE software.
However, I respect your disagreement. Hope we can meet some day.
Cheers,
Ed Gerck
Kai Henningsen wrote:
[EMAIL PROTECTED] (Ed Gerck) wrote on 12.01.01 in [EMAIL PROTECTED]:
No. Digital signatures such as X.509/PKIX do violate voter privacy, but
never ballot secrecy.
In all fairness to you, maybe there is a confusion with the word "privacy".
In this c
heers,
Ed Gerck
Ed Gerck wrote:
Paul Hoffman / IMC wrote:
Ed, why do you insist on advertising your patent-pending voting
solution on the IETF mailing list? It does not involve any IETF
protocol work, does it?
;-) SMTP, HTML, TLS, PGP, and others, including TCP/IP.
Pls do not be s
James:
Pls take a look at www.safevote.com -- including
www.safevote.com/tech.htm
Also at www.ivta.org, and www.thebell.net
Cheers,
Ed Gerck
Original Message
Date: Fri, 12 Jan 2001 04:46:30 -0800 (PST)
From: "James P. Salsman" [EMAIL PROTECTED]
To: [EMAIL
t link" is the paradigm. The paradigm shift
is that security can be made as strong as we desire. And, it is not so new. Hindus
in the Mogul period some 500 years ago already knew it (The Bell, October, Interview).
Cheers,
Ed Gerck
old voting technologies in use today
and what Internet voting protocols need to take into account. The Bell is
dedicated to help fill this gap -- perhaps with your help as well.
Cheers,
Ed Gerck
[1] Safevote (www.safevote.com) is a founding member of the Internet
Voting Technology Alliance (
gin to try to justify the means
by pointing out a nice goal, then we easily justify Hitler and Stalin also.
Goals can be very nice and look good on paper and speeches, but getting
there by ignoring basic rights is not a way to get there.
BTW, by citing Hitler, I hope to end this thread ;-)
Cheers,
Ed Gerck
://www.ivta.org
Cheers,
Ed Gerck
IETF and
other Internet standards bodies."
That's good, but why not undertake this within the existing IETF process,
rather than trying to emulate it?
Because it is outside the scope of the IETF.
Cheers,
Ed Gerck
for the opportunity to explain, in the best IETF tradition ;-) Iwrote
a bit, you ask ... I have then the opportunity and feel the need to explain
more.
Cheers,
Ed Gerck
Patrik Fältström wrote:
--On 2000-01-04 20.24 -0800, Ed Gerck [EMAIL PROTECTED] wrote:
The technical aspect here is that the RRP protocol documented in the
RFC proposed by NSI to the IETF is *not* what is being used by NSI
and is also *not* what should be used.
If this is your view
Patrik Fältström wrote:
--On 2000-01-05 01.29 -0800, Ed Gerck [EMAIL PROTECTED] wrote:
Alternatively, you may verify your mailbox of RAB messages and
decide by yourself. Also, NSI may verify the discrepancies by
themselves.
As the I-D didn't exist when the RAB existed (the date
Patrik Fältström wrote:
--On 2000-01-05 02.37 -0800, Ed Gerck [EMAIL PROTECTED] wrote:
What we have in the
proposed RFC is thus an outdated spec -- problems that were actually
reported *solved* in the March-October 1999 timeframe appear again
*unsolved* in the December 1999 timeframe
nterpret technically -- no politically by
euphemisms of a "presentation NSI have had for me".
Cheers,
Ed Gerck
[1] http://www.nsiregistry.com/history/rab.html :
Mission Statement The Network Solutions Registry Advisory Board (RAB) was formed to
provide Network
Solutions with independent external
They are also part of the mandates of Amendment
11, which I wish to interpret technically -- no politically by
euphemisms of a "presentation NSI have had for me".
Cheers,
Ed Gerck
[1] http://www.nsiregistry.com/history/rab.html :
Mission Statement The Network Solutions Registry A
Now, of course, if NSI wants to keep the protocol private then I
have no further comments.
Cheers,
Ed Gerck
why I decided to say something here (after
a week-old message to Scott when he did release the proposed RFC)
is exactly because I am acquainted with the process but not as comfortable
with it as you seem to be.
Cheers,
Ed Gerck
Harald Tveit Alvestrand wrote:
At 09:34 08.12.99 -0800, Ed Gerck wrote:
So, perhaps the same company could also make a NAT that
any homeowner could use? Because if the problem of NATs is
easy of use, and this is the key being banged here (the NY School
Board example, etc
"J. Noel Chiappa" wrote:
From: Ed Gerck [EMAIL PROTECTED]
maybe this is what the market wants -- a multiple-protocol Internet,
where tools for IPv4/IPv6 interoperation will be needed ... and valued.
This relates to an approach that seems more fruitful, to me -
Lloyd Wood wrote:
On Wed, 8 Dec 1999, Ed Gerck wrote:
The very concept of data needs thus to revisited. Suppose we define data as the
*difference* D2 - D1 that can be measured between two states of data systems.
Then, it can be shown that this difference can be measured by means
90 matches
Mail list logo