At 10:07 PM -0700 2003/09/28, Claus Assmann wrote:
> Question: what do you gain by requiring a cert? Whom do you trust
> to be a CA? BTW: the hierarchical structure of X.509 certs is
> fine for companies, but not for others, where a "web of trust"
> would be more appropriate.

I'm thinking that we might be able to do something like USENET
PGP-signed message cancels, or even No-C-Em's. Just add to your PGP
keyring the keys you choose to trust, and then listen to the
appropriate port. Better yet, use an outbound connection from your
server to a robust P2P network like freenet, and therefore use a
relatively randomly assigned port.

> It would be nice if someone categorizes the ways spam reaches
> the recipients (open relay, proxy, trojaned PCs, directly from
> spammers, etc), and then explains how you can defeat those (DNS BLs
> for the first two at least, rMX/designated sender can help in some
> cases, etc).

Regretfully, we've seen that DNS BLs can be taken off the 'net.
I'm afraid that this tool is going to rapidly become unusable, or at
least considerably less useful, as the spammers get more and more
aggressive about DDoS'ing anyone out of existence that stands in
their way.

Next on the chopping block would be tools like DCC, Vipul's
Razor, Pyzor, etc. Any kind of shared centralized mechanism would
be a target.
--
Brad Knowles, <brad(_dot_)knowles(_at_)skynet(_dot_)be>
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-Benjamin Franklin, Historical Review of Pennsylvania.
GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+
!w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)