ietf-asrg

Re: [Asrg] Proposal for transition to authenticated email

2003-04-29 06:02:53
From: "Ken Hirsch" <kenhirsch(_at_)myself(_dot_)com>

I advocate the use of SMTP-TLS, but it has a major defect for
authenticating mail.  It only authenticates one MTA to another, or

And that is all that is necessary.  I don't think that authenticating the actual
sender is practical.  In order for sender authentication to be common it has to be
inexpensive and convenient.  In order to prevent spam, certificates need to be
expensive and/or inconvenient.

I agree SMTP-TLS is the first form of mail encryption that has any
hope of becoming somewhat common.  But being somewhat common is
not the only requirement for stopping spam.

                      That is why I only propose that some party (usually
the ISP) be authenticated and responsible for enforcing antispam policy.

If ISPs could be relied upon to enforce antispam policies, then there
would be no spam problem.  Absolutely every bit of spam comes to your
SMTP server from a network controlled by an ISP that could enforce an
antispam policy that could have prevented it.  This applies to spam
through open proxies and relays as well as direct-from-MTA spam,
because the ISP of the party with the open relay or proxy could enforce
terms of service that treat running an open proxy or relay like the
security violation it is.


...
If any of that were true, then it would be equally true of ISPs.
Every SMTP message carries a practically unforgeable token identifying
and authenticating the previous hop ISP.  If certificate authorities
could be trusted to police customers that spend $100/year for a
certificate, then ISPs could be trusted to police customers that spend
$240/year for ISP service.

Well, if you really consider message headers unforgeable, ...

I've written so many variations of that screed for so many years that I
didn't see that I left out an important bit.  The practically unforgeable
token is the IP address of the SMTP client.  If you were right that
a vendor that has sold $100/year certs could be trusted to revoke
them, then you would be right that vendors that sell the $240-$360/year
certs that are IP addresses could be trusted to revoke those, and
there would be no spam problem.


Vernon Schryver    vjs(_at_)rhyolite(_dot_)com