Alan,
AD> I fail to see how the net changes when I roam inter-country, as
AD> opposed to intra-country. The authentication & other network
AD> protocols I use are the same. In many cases, I use the services of
AD> the same global company.
In many cases, one can not. This changes the issues for authentication
and inter-administration authorization. Different access services
employ different rules. Sometimes the rules collide.
AD> The only things which change are local implementations.
how about with a laptop, using pop/smtp, rather than web user interface
to your home email application?
how about when connected to a remote network, such as a clients?
Or from a hotel, using your laptop?
AD> Any problems with those activities come ONLY from poor or inadequate
AD> local implementations.
That is a facile, but not very useful response. First it contains no
substantiation of such a dismissal, and second it ignores the realities
that users experience.
AD> In contrast, your position paradoxically requires the very thing you
AD> appear to oppose. NOT enforcing local consent, and NOT exposing that
AD> consent to the network, means that the recipient MUST perform ALL of
AD> the work of authenticating the sender, by applying content filters,
AD> white lists, key signing, challenge-response, etc.
My "position" is to pay attention to the vagaries and needs of the real-world,
rather than assume that we can operate things simplistically.
That sort of "position" tends to work far better for getting viable
services that people will actually agree to.
AD> i.e. The sender
AD> must effectively "log in" to the recipient, and satisfy expensive
AD> authentication methods.
AD> This result is what boggles my mind about the position of "roaming
AD> users MUST be able to send messages from anywhere, claiming to be
AD> anyone."
The error of this sort of consent model is that it requires global
enforcement of network access identification and that it be used to
substantiate author identity. This a) ignores a variety of valid ISP
business models that do not permit that correlation, b) ignores the fact
that identification does not ensure legitimate behavior, and c)
identification does not ensure enforceability.
d/
--
Dave Crocker <mailto:dcrocker(_at_)brandenburg(_dot_)com>
Brandenburg InternetWorking <http://www.brandenburg.com>
Sunnyvale, CA USA <tel:+1.408.246.8253>, <fax:+1.866.358.5301>
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg