ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] Locked addresses (was Do we need to do anything?

2003-03-07 13:34:29
from [Kee Hinckley] [Permanent Link] 
At 1:10 PM -0500 3/7/03, David F. Skoll wrote:

On Fri, 7 Mar 2003, Kee Hinckley wrote:

 Again.  My mother is standing at the email kiosk in an airport.  She
 wants to send email to you.  You've authorized one of her temporary
 email messages to send email to one of your temporary email messages.
 Now what?


She logs on to her ISP's Webmail system, where all of her locked
addresses are stored.  Using her "normal" (to her) e-mail address, she
sends you a message over the Webmail.  The ISP's server looks up the
originator address and the destination address, modifies
appropriately, and shoots it off.

Piece of cake.
I see. You're saying that she sends email via her mail server (using some authentication mechanism to be specified by the server). And that mail server retains an N-factorial list of possible email address combinations. Your email client uses your "real" address sending to the MTA. The sending MTA transforms that based on who you are sending email to. And the receiving MTA receives it based on who it was sent to AND from.
So now not only am I tied to my ISPs whim for an email address (mediaone last year, attbi last month, comcast today), I'm also tied to them because if I go to another ISP I'm unable to send email to any of my contacts. Not only will they reject the mail if I send it from a new address, I don't even know what their email address is!
Of course you can quarantine all of your email that someone sends to an address from the wrong address, and look at it. And you can bet all your spam is going to have subjects like: "My email address just changed" in order to get you to open that mail.
You could also fix much of the problem by having a consistent concept of "identity" that could be checked by looking up an address (and vice versa). But then we are talking about cryptographic authentication systems for individuals--again. 


 > This is typically an address book.  How

 does this get implemented without the use of MUA changes?


Easy.  In your address book, I am
"ephem-zbhsbhbe3(_at_)roaringpenguin(_dot_)com".  That's my address.  No 
problem.
Any mail you send to that address, from your own address, will work.
If you also have ephemeral addresses, then you need to send it out via
your server.  Your server obscures your address, but that's OK,
because my server knows *you* as "ephem-zkjkejruih3(_at_)yourdomain(_dot_)com",
which is all it sees.
You've got an interesting protocol problem for initial contacts between two people. It involves quarantines, special server protocols for mapping addresses, and then remapping addresses once the recipient has decided on an ephemeral address to use. I think it looks something like this: 

0. You give me dfs-bizcard(_at_)example(_dot_)com, I put it in my address book.
1. I send email to dfs-bizcard(_at_)example(_dot_)com
2. My server sets my from to asdfasdf(_at_)example(_dot_)net
3. Your server quarantines my message until you can okay it.
4. Your server sends back a confirmation to my server telling it that your address for me will be qwerqwer(_at_)example(_dot_)com(_dot_) 5. My server remaps asdfasdf(_at_)example(_dot_)net to be the standard from address for mail to qwerqwer(_at_)example(_dot_)com(_dot_) 6. My server sends me mail telling me that your address is qewrqwer(_at_)example(_dot_)com(_dot_) 7. I add qewrqwer(_at_)example(_dot_)com to my address book and remove dfs-bizcard(_at_)example(_dot_)com(_dot_) 6. Finally we can talk. But only if I use my server. And if I ever go anywhere else I can no longer communicate with you. And of course, if I don't have a server that supports this, I have to handle this whole negotiation by hand.
I think having an address book that is so complex that only a server can manage it is a bad idea. Tying it to your current email address (which as we all know, changes frequently for people) and company or ISP is even worse.
Fundamentally this is just another complex challenge/response->whitelist system, and they have two problems that I think will keep them from working. 

1. They annoy customers, so businesses won't adopt them.
2. They don't work with automated business email, so customers won't adopt them.
We've already had at least one public complaint (and many private I'm sure) of Nate W, who is using such a system on this list. (And a broken one as well, I've had to respond to "Nate's Secretary" multiple times already.) And we've also seen the failure of content filters on this list. I'm surprised nobody's bounced my domain due to some blacklist yet. 
--
Kee Hinckley
http://www.puremessaging.com/        Junk-Free Email Filtering
http://commons.somewhere.com/buzz/   Writings on Technology and Society

I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Asrg] Race conditions at end of DATA, David F. Skoll
Next by Date:  Re: [Asrg] Stamps, Vernon Schryver
Previous by Thread:  Re: [Asrg] Locked addresses (was Do we need to do anything?, Mark Delany
Next by Thread:  Re: [Asrg] Locked addresses (was Do we need to do anything?, David F. Skoll
Indexes:  [Date] [Thread] [Top] [All Lists]