Original thread message:
https://www1.ietf.org/mail-archive/working-groups/asrg/current/msg01552.html
Kee,
All good points... there's no perfect solution, but let me address your
constructive criticism point-by-point:
1. Yes, these long addresses containing GUIDs are hard to remember.
Therefore, you do need an address book. I generally email from a single
machine, so I don't feel that same pain of needing to send mail from
multiple machines. Maybe there are some stats on how many people use
multiple machines for routine emailing.
2. If you and your friends find it easy to use this approach, then do so.
Each of you has to only click the "grant" and "accept" button once in the
ASP software, and you've exchanged private email addresses for each other.
After that, emailing is just as simple as sending is now, assuming you use
an address book (or have super-human memory and fast fingers!) If you don't
want to annoy anyone (the kind of person who likes to please everyone), then
check your regular email address once every week or so, but the friends who
cared enough to click a few buttons as a one-time setup would get faster
response than once a week.
3. Yes, you're right that you still have the spam mail to read if you want,
but at least you can segregate it from authenticated email. Many users will
probably want to use a "vacation" type auto-reply that says "your message
landed in my anyone-and-everyone folder... I'll read it sometime before the
22nd century, or you can call me and we'll exchange high-priority email
addresses with each other...". You could also run spam content filters on
your unsolicited mail folder, risking false positives.
4. (humor) This is an unforeseen benefit of this solution: annoy all your
friends so they never write to you again, and then you can safely conclude
all the remaining emails are spam! :) (seriously) Some will set this up, but
in an open-standards world, everyone can do as they wish.
5. There are several approaches we've started: a custom MUA, a custom MTA,
or both. The most likely to occur quickly is a custom MTA alone. Many MUA's
already handle sorting messages by importance tag, so the custom MTA would
modify the importance tag when it auto-forwards email to the final account
for POP3/IMAP pickup. For example, if I get a "high importance" message from
you at dlampert_<GUID>@homeai.com, it'll forward perhaps as a "low
importance" (no insult intended) message to
dlampert_the_real_shady(_at_)homeai(_dot_)com (no, that's not the real account,
and
everyone has their own real account). No need to change your MUA; however,
other benefits come from a custom MUA plug-in.
6. Good point. Obviously, if you store everyone in your address book, and a
virus gets your address book, that's not good. (humor) Just like robot.txt,
let's have a virus.txt with content "desire-to-be-infected=0". That should
stop all viruses! :)
7. Example: if Ian rated Jane a 90%, and Jane gives to Kim this email
address "ian_<GUID-for-Jane>@...", then, yes, Kim has the same access to Ian
that Jane would (90%). The system, however, supports referral and
introduction actions done through the same web site console as striking up
conversations.
Overall, this proposed system is just slighly more difficult than just
sending someone an email. It requires at least a few clicks ONE TIME to
strike up a friendship, etc. But the advantage is that we don't need to
overhaul the whole SMTP system. Yes, eventually an overhaul may be the way
to go, but by that time, I'll have my HMD and data gloves on while
participating in an IETF panel remotely from Fiji.
Keep the constructive criticism coming...
-Dave "VR Fiji" Lampert
-----Original Message-----
From: Kee Hinckley [mailto:nazgul(_at_)somewhere(_dot_)com]
Sent: Tuesday, March 18, 2003 5:36 PM
To: Dave Lampert
Cc: asrg(_at_)ietf(_dot_)org
Subject: Re: [Asrg] Gray list: rating of associates
1. Now nobody can remember your email address. They have to have
their address book with them on every machine they send email from.
Otherwise it ends up in your "deal with later" bin. (And it's real
easy to miss that one real message when 90% of the stuff in the bin
is spam.)
2. You annoy your friends. Initiating a discussion becomes a pain.
You also annoy strangers by sending them a new contact address that
they don't want.
3. You still have to read every email message that comes into the
main address, because you are never sure whether it's spam or someone
legit trying to talk to you (in other words, same as now).
4. If not #3, then you need a challenge response system, which
*really* annoys your friends.
5. You need to write a custom MUA that handles this whole priority
system. And if you think I'm going to let my MUA prompt me to
prioritize every person who sends me email you haven't seen my inbox!
6. You've just made a virus-writers dream. I can't communicate with
anyone anymore without an address book--so I have to have *everyone*
I send mail to in my address book.
7. You need to write custom MUA or MTA software that handles address
mapping. In particular you have the problem of any random discussion
between several people. I send to three people, they all do a
reply-all and all of the addresses are wrong for them to send to. It
will get through of course--but not at the priority you wanted. In
addition, some number of recipients are going to add the address in
the To to their address book, which isn't what you had in mind at
all. And if they send using one of those addresses after I've
canceled it (the previous owner of that address is on my bad list)
then I won't get the mail at all.
You don't need to use custom addresses to do that. And as mentioned
above, you'll be getting mail from people to whom you didn't give out
the private address. So it isn't a reliable authentication mechanism.
--
Kee Hinckley
http://www.puremessaging.com/ Junk-Free Email Filtering
http://commons.somewhere.com/buzz/ Writings on Technology and Society
I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg