ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] Consent Proposal

2003-07-01 10:48:32
from [Yakov Shafranovich] [Permanent Link] 
At 07:53 AM 6/27/2003 +0100, Jon Kyme wrote:


[..]
>what should we be looking at right
> now?
> In general, what directions should the group be pursuing at the moment?

I strongly believe that you are right, that an analysis of the consent
problem is important. I believe that one can get to a general framework for
anti-spam systems from first principles.

I think it tends to something like:
message classifier function
+ expression of recipient policy (consent expression)
+ policy enforcement agent


This is consistent with the charter which proposes these components as well.

---snip---
The research group will investigate the feasibility of: (1) a single architecture that supports this and (2) a framework that allows different systems to be plugged in to provide different pieces of the solution. 

Possible components of such a framework may include:
o Consent Expression Component: This involves recipients expressing a policy that gives consent or non-consent for certain types of communications
o Policy Enforcement Component: This involves subsystems within the communication system that enforce the policy. The overall framework may involve multiple subsystems within the policy enforcement component. This may involve fail-open or fail-closed approaches. With a fail-open approach, the system must identify messages that do not have consent. For example, this may include approaches that determine the nature of a message based on its characteristics or input from a collaborative filtering system. With a fail-closed approach, the system must identify messages that do have consent and only allow those to be delivered. For example, consent may be expressed by a policy, by a "consent token" within the message, or by some payment that essentially purchases consent or delivery rights.
o Source Tracking Component: This component provides deterrence to parties that consider violating the policy by facilitating identification and tracking of senders that violate the policy. This may require non-repudiation at the original sender, the sender's ISP, or some other entities involved in the communication system.
Note that "consent" need not necessarily be in advance. It is within scope for ASRG to consider frameworks in which receivers express their lack of consent only after having received a message. ---snip--- 

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] SMTP server connections that disconnect right away, Chris Lewis
Next by Date:  Re: [Asrg] In case anyone thought Barry was exaggerating, Chris Lewis
Previous by Thread:  Re: [Asrg] Consent Proposal, Yakov Shafranovich
Next by Thread:  RE: [Asrg] Consent Proposal, Bob Wyman
Indexes:  [Date] [Thread] [Top] [All Lists]