I think I have got a handle on Yakov's proposed Consent Framework, or
at least what it attempts to achieve. The actual document remains
sadly opaque to me. I'll try to summarise my understanding below.
Yakov, feel free to correct me if I'm completely off-base.
The "Consent Framework", while presently documented in an extremely
formal and opaque manner, is nothing more than a "system of systems",
aimed at combining the best-of-breed proposals (the exact ones to be
determined at some time in the future) into a single, cohesive,
implementable e-mail system. Preferably, of course, leveraging the
existing SMTP infrastructure, because that makes implementation several
orders of magnitude easier.
I believe another goal is for additional components to be added to the
framework as and when necessary, and therefore the system will be
governed by some extensible protocol and/or message formatting
standards.
The main components of the framework might be:
- Sender identification
- Whitelist for stable sender/recipient relationships
- Monetary payment (using tokens issued by trusted authorities, eg
e-stamps)
- Computational payment (generating tokens autonomously, eg hashcash)
- Trust directories (identifying which payment and/or authentication
authorities are trustworthy)
- Message category labelling
- BCPs for effective recipient filtering based on above facilities
- BCPs for senders (of various categories) for efficient use of above
facilities
Based on the above, it might be a good idea to split my own "E-mail
Authentication" paper into two parts, one dealing with the
authentication itself, and one dealing with establishing the
trustworthiness of the MAA (Mail Authentication Agent). Then both
would fit neatly into positions in the above list, along with other
people's hashcash, stamp authority, labelling, and whitelist schemes.
With any luck, that should make things a heap clearer for everyone
(myself included), unless of course Yakov is going to point out how
incorrect I am. :-)
--------------------------------------------------------------
from: Jonathan "Chromatix" Morton
mail: chromi(_at_)chromatix(_dot_)demon(_dot_)co(_dot_)uk
website: http://www.chromatix.uklinux.net/
tagline: The key to knowledge is not to rely on people to teach you it.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg