I think we should have a moratorium on discussion of requirements and how
bad the problem is.
Yes I am completely serious. There is no point in measurement without
knowing which theory you want to test. Particularly when there is no actual
measurement, only anecdotes.
I don't see any point in people shooting down proposals on the basis of
anecdotal evidence.
I believe we should present high level architectural solutions, stating the
part of the spam problem we intend to solve and the parts that we do not
intend to solve and any operational or deployment constraints involved. In
particular I am intersted in the cost of deployment, the point at which the
proposal provides value to the party expected to deploy and any
preconditions for obtaining value.
I believe that there should be a moratorium on useless comments such as
'that will never work' or 'that will fail' unless accompanied by a solution
within the specific architectural approach concerned. So simply saying flat
out that reverse DNS does not work is unhelpful, saying that you get the
desired effect in an equivalent manner by working through the forward track
is helpful.
Instead of saying 'no headers are forged so authentication is useless' put
the question, what proportion of headers are forged? which then becomes an
issue that we ask the measurement people to address.
By an architectural proposal I suggest that something much more than 'lets
introduce sender charges' but not necessarily the bits on the wire. So
proposing to propose a scheme for sender charges someone should describe all
the components involved, including the infrastructure required to aggregate
payments and transfer settlements and a security proof to demonstrate the
system was proof against fraud.
Phill
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg