ietf-asrg
[Top] [All Lists]

[Asrg] License to Send

2003-04-30 14:14:10
In draft-crocker-spam-techconsider-00.txt
4.2. Explicit Lists
        I think this might be better expressed as "explicit
authorization". White lists are lists of authorized senders, black lists
are lists of senders who are explicitly not-authorized to send. 
        Maintaining "lists" is only one way for a recipient to express
authorization or lack of it. 
        An alternative to whitelists, as a mechanism for recording
consent to receive mail or authorization to send it, is for a recipient
to issue to an originator a certificate that explicitly authorizes that
originator to send messages. You can think of this as a "license to
send." As has been proposed at various times on this list, such a
certificate would either be carried in the mail headers or a token
abstracting it could be embedded into the recipient's address (i.e.
single-user email addresses). Any *.r (recipient) could issue a license
to any upstream *.o (originator) which would be returned, like a cookie,
by the *.o when sending messages. The recipient would use the presence
of a "license to send" as an indicator that other anti-spam mechanisms
should be short-circuited for the specific message. Or, a recipient
could refuse all unlicensed mail.
        Elaborations are, of course, possible. For instance, if the
recipient had access to the public key of the originator, then the
originator could add a signature to the license which signed the
combination of the license and the message. The result would be both
clear authentication and authorization of the message being sent.
        As pointed out, this mechanism of "license to send" could be
used between any pair of *.r's and *.o's. Thus, two MTA's could, for
instance, establish a trust relationship via such licenses which would
be enforceable even if there were intervening MTA's.
        Such licenses to send have the advantage of not requiring a
central "whitelist" in order to be maintained. Not having a central list
creates a more robust system as well as tends to protect the privacy of
correspondents (i.e. you can't get my full list of authorized
correspondents by capturing my whitelist.)
        Licenses could also be constructed that would authorize not just
sending, but be specific about what could be sent. While going somewhat
beyond "spam," this could allow MTA.o's to help ensure that originated
messages are only those that conform to what the recipient desires to
receive. For instance, the "license to send" could carry constraints
that might limit the size of authorized messages, the frequency of
messages, or whether or not messages contained HTML. If such expressive
licenses were used, in theory, a cooperating MTA.o could evaluate a
message, compare it against the policy expressed in the license and warn
the sender that the message might not be authorized... Various
additional elaborations are possible -- it is all about consent...
        The opportunities for standardization include:
        * Definition of a format for the license to send
        * Definition of Best Practices for issuing and maintaining the
licenses

                bob wyman

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg