ietf-asrg
[Top] [All Lists]

Re: 3. Requirements - Anonimity (was Re: FW: [Asrg] 0. General)

2003-10-27 07:34:43
"Jon Kyme" <jrk(_at_)merseymail(_dot_)com> wrote:
Either
a. We're challenging the anonymity section in the requirements document.
- I guess if there's a consensus that this isn't a requirement it would be
struck out.

  Anonymity is unrelated to many of the anti-spam systems.  As PHB
pointed out, holding an ISP accountable for a message means that a
user of that ISP can still be anonymous.

  There is no requirement that the user ID at that ISP map to a real
person, in a well-known fashion.  There is no requirement that the ISP
know a users real identity, and not accept cash transactions from
anonymous people off of the street.  In places where people CANNOT be
anonymous to an ISP, they CANNOT use SMTP to create anonymity where
none existed before.  They MUST use other methods to send anonymous
messages.

  Having a requirement that SMTP creates anonymity in hostile
situations is a simple way to guarantee that every anti-spam proposal
will fail to satisfy that requirement, and will therefore be rejected.

  Alan DeKok.

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg