On Wednesday, June 04, 2003 12:31 PM, Yakov Shafranovich
[SMTP:research(_at_)solidmatrix(_dot_)com] wrote:
At 03:30 PM 6/3/2003 -1000, Peter Kay wrote:
[..]
Here's mine:
Spam is transmission of mass email without the prior explicit
authorization of the recipient.
[..]
From the charter (http://www.irtf.org/charters/asrg.html):
"The definition of spam messages is not clear and is not consistent across
different individuals or organizations. Therefore, we generalize the
problem into "consent-based communication". This means that an individual
or organization should be able to express consent or lack of consent for
certain communication and have the architecture support those desires."
Yes, that is the issue. The ability 'to express consent or lack of consent for
certain communication and that the architecture support those desires'. To me
that is a sort of 'policy enforcement mechanism,' the over-arching question/s
is/are:
- can such a policy mechanism be architected?
- how is such a 'policy mechanism' described in technical terms, e.g. that can
be expressed within an 'architecture'?
- what are the essential components of the policy decision?
- what are the essential technical aspects of the 'policy decision engine'?
- what is the placement of the 'policy decision engine' - core vs. edge?
- what are the user definable aspects for instantiating policy decisions?
- what are the measured attributes for determining policy conformance or
violation?
IMHO the rest are implementation specific decisions, I have left some of the
research areas out, that is intended. I have included some that are personal
preferences, that is also intended. I feel that this can be cast as an
engineering problem, but it currently does not have a consensus driver for all
of the involved players, essentially the target community for compliance review
are 'rouge players' and demonstrate adaptability designed to be contrary to the
policy decisions which we are attempting to fix upon their activity. That is
the significant issue.
There is perhaps a additional track here concerning the 'fuzziness' approach
that Vernon mentioned in the decision processes for 'making a determination'.
Such an approach requires a collaborative approach for components in the
'decision engine'. No one part can do it all, IMHO.
-e
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg