Hello all,
I would like to welcome everyone to the ASRG mailing list. I'm sure that
each of you are here because you have an interest in the development of a
solution to the problem of unwanted email messages (not to leave out the
spammer spies that are among us). There are a number of parties on the
mailing list that bring unique experiences and perspectives to the table.
There are also a number of people that have spent time working on either
current anti-spam systems or proposals for new approaches to the problem.
This is a unique group of individuals that represent a wide spectrum of
types of organizations. We have the ability here to effect real change on a
large scale. I look forward to working together.
I appreciate everyone that has shared their opinions and ideas so far. In
order to provide some structure and direction to this conversation, I ask
that everyone on the mailing list become familiar with the charter of the
research group. (http://www.irtf.org/charters/asrg.html) . I worked closely
with Vern Paxson, chair of the IRTF, with input from a number of others in
the Internet community to carefully frame the scope of the research group.
You will notice that the charter indicates no bias towards any particular
approach to the problem, but seeks to foster an systematic and objective
approach to pursuing the solution.
There are some points from the charter that everyone should be familiar
with:
View of the problem: "Consent-based communication"
Components of a solution:
1. consent expression
2. policy enforcement
3. source tracking (authentication/identification/non-repudiation)
Goals of the group:
1. understand the problem
2. propose solutions
3. evaluate solutions
Milestones/Deliverables:
1. problem statement/ requirements document
2. taxonomy of existing approaches
3. taxonomy of proposed approaches
4. evaluation of existing and proposed approaches ( to include usefulness,
monetary cost, affect on normal use of email, legal support of the solution
and vice versa)
5. transfer of technology (possibly through standards proposals to the IETF)
Other key thoughts:
1. stop the threat as close to the source as possible
2. cast the spam problem into different perspectives to leverage previous
work (i.e. denial-of-service; intrusion detection; authentication,
authorization, and accounting)
I am seeking comments on the charter.
-does the consent-based communication viewpoint sufficiently generalizes the
problem?
-do the three components cover the requirements?
I am seeking individuals that are interested in taking a more active role in
managing one of the first four deliverables mentioned above.
Paul
___________________________________________________
Paul Q. Judge, Ph.D. paul(_dot_)judge(_at_)ciphertrust(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg