ietf-asrg

Re: [Asrg] Washington Post: Earthlink to Deploy a Challenge-Response System for

2003-05-09 10:27:01
From: "John Fenley" <pontifier(_at_)hotmail(_dot_)com>

Someone mentioned writing some guidelines for responsible Challenge/Response 
systems. Any chance we could officially ask Earthlink to hold off deployment 
for a month so we can get something together to guide them?

Who is we, Kemo Sabe?  As I keep saying, the IETF is about increasing
the likelihood of interoperation, not policing the network.  What
consenting parties do with IP packets is their private business.
Earthlink and Earthlink's customers are consenting parties minding
their private business.

But set that aside and also the fact that this is an IRTF instead of
IETF group.  If you were in charge of Earthlink and so probably had
a few minions who are familiar with the way the IETF works and know
that BCPs and standards track RFCs require at least months and sometimes
years to get past the final last call, what would you do?  If you
were an Earthlink stockholder, wouldn't you expect your board of
directors to fire a CEO that delays offering something the market
wants because the IETF might someday say something about the best way
to implement it?

Don't you suppose that Earthlink had surely been testing their scheme
in fairly large scale trials for months before the public announcement?
Have you ever tried to tell people that what they've built and tested
for months must be delayed because some self-appointed experts like
us haven't commented on it?


Perhaps even a list of fatal flaws and suggested best practices would help.

These are my suggestions for a beginning list of problems:
1. Avoid infinite loops.

Let's assume until contrary evidence arrives that Earthlink's designers
and implementors are not complete idiots.

2. Allow all Opt-in mail.

That is an impossible goal.

3. Take steps to prevent spammer evolution.

That sounds impossible.

4. Provide proof that the challenge is legitimate.

Why except as eyewash?   And what would it be?

5. Avoid simple reply style challenges that are easy to autorespond to.

That is a design trade-off.  If you do that, you also prevent some
legitimate responses.  Not all mail involves HTML.  If it's text,
it's at least practical to parse.

6. Use generous auto whitelisting.

That also involves design trade-offs that can argue to the contrary.

7. Support all types of identity proofs including new ones.

We don't want much, do we?

8. Don't just delete everything that doesn't respond correctly, perhaps 
reward correct challenges by placing them at the top of the inbox.

Spam that you see is not really filtered.  Which of your time is wasted
on spam matters less than the fact that your time is stolen.


I hope I've at least demonstrated that a challenge-response BCP is
not as simple as it sounds and that it would be unwise for Earthlink
to wait for an Internet ***RESEARCH*** Task Force to speak before
responding to the marketplace.


Vernon Schryver    vjs(_at_)rhyolite(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg