As many group members have noticed in the last few days, Mr. McCarron has
been posting a large volume of messages to the list regarding the GIEIS
system that he is developing. The following is my analysis of his proposed
system and how it falls within the consent framework (current draft at
http://www.solidmatrix.com/research/asrg/asrg-consent-framework.html). All
quotes are from (http://homepage.ntlworld.com/giza.necropolis/).
---------
ANALYSIS
The GIEIS system seems to be a convergence of two proposals: message
tracking and centralization. Message tracking has been proposed by John
Fenley as part of the C/R protocol and other proposals (callback, etc.).
Centralization is not new but is similar to the other proposals on the list
especially Walter Dnes's "Business Email" proposal. This is also similar to
the proposal by someone else who suggested registration of all SMTP servers
and perhaps issuing digital certificates to them.
Every message in the GIEIS system is stamped with a tracking number issued
by the ISP's server (EAS). These servers are in turn authorized or
controlled by central entity. Thus two goals are accomplished: spam is
traceable and action can be easily taken against spammers by kicking them
off the GIEIS network. Within the consent framework this would correspond
to the SOURCE TRACKING COMPONENT. The RECEIVER is assumed to have his
CONSENT POLICY set to accept GIEIS messages, will check the tracking code
against the central database and grant consent if the code if valid. The
centralization aspect of the proposal is what actually prevents spam -
action can be easily taken against the SENDERs by fining them or kicking
them off the system.
There are numerous other things mentioned in the GIEIS proposal, all of
which are either irrelevant to fighting spam such as viruses, or are
implementation details. Many other spam-related approaches are lumped
together as well, many of which are irrelevant and have been taken from the
group discussions without granting credit to their authors. An example of
that is Gordon's proposal on requiring ASCII only email.
SUGGESTIONS TO MR. MCCARON
1. Take all the BS out of your proposal and separate the main idea from the
implementation details.
2. Stop thinking that your system will take over the Net - any system
implemented will need to accommodate multiple implementation details. You
will be better off on proposing a system like Truste.
3. CREATE A SEPARATE mailing list or discussion area for your proposal
where you can work out the kinks like the SPF proposal's author did. Then
present us with a draft.
4. Participate in defining the consent framework.
5. Give credit where its due, when you use someone's idea - give credit.
--------------------
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg