From: "Jon Kyme" <jrk(_at_)merseymail(_dot_)com>
I wonder if there's a case for taking some position on the privacy issues
involved in CR systems?
Issues like this:
http://www.toyz.org/SpamArrestSpams.html
Summary: Alleges SpamArrest harvests sender addresses
I see privacy issues for challenge/response systems, but that's not
one. Ths SpamArrest abuse is a potential problem in any system where
you let a third party with handle your mail. It is a consideration
in any system where that involves asking a third party anything about
mail, including DNS blacklists.
I think the obvious challenge/response privacy leaks are:
- more messages slopping around the net indicating that two people
are conversing and probably something about the subject of their mail.
A bad guy that cannot see the original mail might still be able
to see the challenge or the response.
- inferences that can be made by sending one message to two addresses,
one of which the bad guy knows will generate a challenge and one
that won't.
Depending on how the system works, the extra target address might
affect how quickly or even whether the challenge is produced.
- leaks from queues or whatever containing mail awaiting responses.
None seem major, but they ought to be mentioned.
I think any spam filtering RFC ought to have a section on privacy
like the required section on security.
Vernon Schryver vjs(_at_)rhyolite(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg