At 04:00 PM 7/1/2003 +0000, Mark McCarron wrote:
[..]
Thanks for your comments. My response are in the body of the message
below. This post relates to the 'GIEIS' system viewable here at:
[..]
From: "Danny Angus" <danny(_at_)apache(_dot_)org>
To: "Mark McCarron"
<markmccarron_itt(_at_)hotmail(_dot_)com>,<asrg(_at_)ietf(_dot_)org>
Subject: RE: [Asrg] (no subject)
Date: Tue, 1 Jul 2003 14:33:57 +0100
Mark McCarron wrote:
> SMTP is a dying
> protocol, imagine what it would be like in 10 years?
Erm .. I don't think that is quite correct, surely?
I know that IM is growing in popularity and I wouldn't be surprised if
SMTP was loosing "market share" but to describe what must be one of, if
not the, most widely used internet protocols as dying is preposterous.
Perhaps you could back up your claim with evidence, I'd be happy to eat
humble pie if you're right.
Mark's Response:
SMTP is a dying protocol. It was never designed to handle the current
flow of email on the Internet nor provide the security for it. As long as
SMTP exists, spam, virus', worms and trojans will only grow on the
Internet to an unbelievable level. Every resolution has been attempted
and failed. Let me make this crystal clear for everyone, SMTP cannot EVER
be secured. We are rapidly coming to the point were email would be
withdrawn completely. This is not some idle threat, but a proposal
seriously being considered. Anyone who knows the technical side of SMTP,
will tell you quite clearly that the protocol itself is to blame. Spam
accounts for 30% of all traffic on the Internet now, what percentage would
it be in 10 years?
[..]
It has been mentioned many times that the problem is not just SMTP - its
all of Internet. The Internet including all of its protocols cannot be
secured since all of the underlying protocols were developed as an open
system. Getting rid of SMTP alone, will not solve the problem of underlying
openness.
[..]
> The system we tested it on was a private network, also, it wasn't
> using the
> full aspects of the 'GIEIS' design. It was just a feasibility
> test and it
> responded well, in fact, 100%.
100% of what? did you try to break it, did you try to fool it, what
happens to mail if you launch a DOS attack on the token server?
Mark's Response:
Dos (denial of service) does not work on every machine. Proper security
measures eliminate this threat. Dry run 'GIEIS' for yourself, its unbreakable.
"Security by obscurity" does not work - until the system is deployed in the
wild, no one can calim that its secure.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg