At 3:44 PM -0500 3/7/03, David F. Skoll wrote:
It's not N-factorial; where did you come up with that? It's
N-squared.
Sorry. Up too late last night.
> So now not only am I tied to my ISPs whim for an email address
(mediaone last year, attbi last month, comcast today), I'm also tied
to them because if I go to another ISP I'm unable to send email to
any of my contacts.
No. When you send mail to your contacts, you'll need to use their
public challenge-response address to revalidate yourself.
This is a pain, no doubt. There's no pain-free way to end spam that I
can see.
True. But this doesn't come close to ending spam. All spam ends up
having to be filtered by a system that tells you which messages in
your challenge-response queue should be looked at. Why go to all
this hassle if you're going to have to filter anyway? Yes, it's
easier to filter, yes you can look less often. On the other hand,
with all these email addresses, you're going to have a lot more spam
there.
> You've got an interesting protocol problem for initial contacts
between two people.
No, not really. Like I said, you have an initial challenge-response
contact address for the first contact. You need to make the challenge
easy to solve by a human, but hard for an automated process.
It's more than just challenge response, there's a multi-step process
going back and forth. If I send you mail initially with a throw-away
address then you have't a clue whether "Kee Hinckley"
<xasdfadf(_at_)hotmail(_dot_)com> is really the person you were talking to at
the conference yesterday. So I have to send you email with my
bizcard address in the from so you recognize it, and then you have to
reply with your throw-away, and then I need to reply with my
throw-away.
> 6. Finally we can talk. But only if I use my server. And if I ever
go anywhere else I can no longer communicate with you.
Yes, you can, via dfs-bizcard.
So I actually need to keep *two* addresses in my address book for
every person, and be careful only to use the correct one? Or are you
assuming that the server will remap the To: address as well? I
suppose it might as well.
> I think having an address book that is so complex that only a server
> can manage it is a bad idea.
Lots of people already do that. LDAP, anyone?
Nope. LDAP is a static directory. I can always download it to my
desktop. This address book is algorithmically driven.
Look. From a technical perspective you're proposing something very
cool with lots of flexibility and neat possibilities. It's got lots
of power. You've even convinced me that it could be done.
But the average user isn't going to understand it at all. Never mind
that they don't need any of the side benefits. There is no incentive
for creating the infrastructure required for such a system. It makes
dealing with new people and new addresses much harder than it
currently is in email or any other medium. We've got people hear
yelling at someone whose challenge response is simply a "reply", but
you're proposing a complicated back and forth combined with a Turing
test.
If we want a system to be deployed for end-user use, it's got to pass
the elevator test. That's the standard VC test for a concept.
You've got to be able to explain it to someone during an elevator
ride. I don't see that with any system described so far. That's why
I'm convinced that the initial solution has to be a simple
modification to the MTA, with later migration to the MUA. *Static*
directory services still haven't taken off, I don't think dynamic
ones are going to have any more success.
--
Kee Hinckley
http://www.puremessaging.com/ Junk-Free Email Filtering
http://commons.somewhere.com/buzz/ Writings on Technology and Society
I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg