ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] 6. Proposals: MTA MARK vs port 25 filtering?

2003-12-18 18:19:37
from [Yakov Shafranovich] [Permanent Link] 
Markus Stumpf wrote:

On Thu, Dec 18, 2003 at 05:24:23PM -0500, David Maxwell wrote:


Markus Stumpf <maex-lists-spam-ietf-asrg(_at_)Space(_dot_)Net> wrote:


But with the presumption of innocence each one should be allowed to send
a mail to another person on the internet without some authority blocking
it by default "just because".


Is the ability to send SMTP email a right, or a privilege?



Is the ability to drop a letter in a postbox a right, or a privilege?
And what is the difference to a drivers license?
What you are refering is commonly known as the "end to end" principle. A quote from an IAB draft is relevant here (http://www.iab.org/documents/drafts/draft-iab-e2e-futures-04.txt):
While the end to end principle does not require that users implicitly trust each other, the lack of trust in the Internet today requires that application and system designers make a choice about how to handle authentication, whereas that choice was rarely apparent 15 years ago. One of the most common examples of network elements interposing between end hosts are those dedicated to security: firewalls, VPN tunnel endpoints, certificate servers, etc. These intermediaries are designed to protect the network from unimpeded attack or to allow two end nodes whose users may have no inherent reason to trust each other to achieve some level of authentication. At the same time, these measures act as impediments for end to end communications. 

and the IAB's view on the matter:
Third party trust intermediaries are not a requirement for security, as end to end security mechanisms, such at PGP [15], can be used instead, and where third party measures such as PKI infrastructure or keys in DNS are utilized to exchange keying material, they don't necessarily impinge on end to end traffic after authentication has been achieved. Even if third parties are involved, ultimately it is up to the endpoints and their users in particular, to determine which third parties they trust. 

Yakov
-------
Yakov Shafranovich / asrg <at> shaftek.org
SolidMatrix Technologies, Inc. / research <at> solidmatrix.com
"Power tends to corrupt, and absolute power corrupts absolutely" (Lord Acton) 
-------


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] 0. General - For Hector Santos, Philip Miller
Next by Date:  Re: [Asrg] 0. General - For Markus, Philip Miller
Previous by Thread:  Re: [Asrg] 6. Proposals: MTA MARK vs port 25 filtering?, Markus Stumpf
Next by Thread:  Re: [Asrg] 6. Proposals: MTA MARK vs port 25 filtering?, Hector Santos
Indexes:  [Date] [Thread] [Top] [All Lists]