ietf-asrg

Re: [Asrg] Certs required to send mail

2003-03-25 09:41:34


And if everybody were a nice person, we would not have this problem.

If certs were required to send mail, then we'd have big ISPs
distributing CDROMs labelled "4000 free hours" and automatically
issuing certs along with user names and passwords.  There would be no
change from the current situation, except that the commercial CAs
would have another revenue stream.

The feasibility would hang on a CA issuing certs only subject to
strict T&C, taking responsibility for revoking in the case of
demonstrated violation of that T&C and for client software to
correctly consult revocation lists.  The technology for this is all
well-understood but there doesn't seem to be a body in place offering
this facility. But I'm not proposing such a system - that's for others
with more expertise in this area. And besides, it's a business problem
rather than a technical one.

No, Dave's response was on target.  If ISPs would enforce strict T&C,
there would be no spam.  User names and passwords are required to send
spam, and ISPs could terminate accounts for spamming.  Expecting ISPs
to revoke certs for spam when they now refuse to terminate accounts
for spam makes no sense.

NO, begging your pardon, you're mistaking me - I commented that a *CA* 
(not necc. an *ISP*) revoking a Cert would be required to make something 
like this work.  I know that applications have failed to check back up 
certificate chains for revocation, but if this were done then an ISP would
be unlikely to risk their cert by signing spammers' certs.

Please by all means argue with what I said, but it's most unfair to shoot
me down for saying something that I did not in fact say.

I'm not sure whether this is feasible at all. I don't claim any special
knowledge in this area.



There is essentially no spam that is not ultimately the responsibility
of an ISP that is trivial for spam targets with minimal technical
clues to identify.


Similarly, every spammer's web pages are hosted by an ISP that could
enforce T&C's against spam.

This applies to open proxies.  Essentially all ISPs prohibit running
open proxies.  Spam whose original ISP is hidden by an open proxy
could be stopped by the second ISP enforcing its T&C against open
proxies.


Yes absolutely, and there's currently no sanction against rogue ISPs
except blacklisting.

You implied that the use of certs could have no impact on this issue,
I merely pointed out how it *might*.

I'm sorry that I didn't make myself clear enough.
I hope this helps.



 



