Markus Stumpf <maex-lists-spam-ietf-asrg(_at_)Space(_dot_)Net> wrote:
On Thu, Mar 04, 2004 at 12:38:19PM -0800, Anne P. Mitchell,
Esq. wrote:
I am objecting that "FINAL DECISION FOR INCLUSION IN IADB IS AT THE
DISCRETION OF ISIPP" and not whether it depends on successful passing
of the criteria.
Who is supposed to determine that "successful passing of the
criteria"? Do you want whoever that is to be sued by some spammer who
thinks he found a loophole?
With the above sentence, even if I am the honest man in the whole
Internet it is up to your good will to be added to the database or
not.
That's absolutely right. If mailserver admins don't think they're
doing a good enough job, then mailservers won't be configured to care
about what they say, and they'll be irrelevant. If mailserver admins
think they (the admins) get benefit by using ISIPP's list, then
they'll use it.
If you think you can provide a better list, go ahead. Nobody is
claiming to own the concept of a list.
The reservation of decision is *terribly* important, so that we don't
get a big fat spammer who techinically can say that they meet the other
requirements, so that therefore we *have* to list them (you wouldn't
want that, would you?)
If you can't find any definitive term to nail him down and separate him
from the "good guys" than this is a problem with the terms.
If you think you can find the most clever person in the world (so that
nobody else can ever find loopholes in her terms), I wish you luck in
the search.
I will NEVER trust any system that depends on the good will of some
people and that backs up goodwill decisions with their terms of
service.
So don't trust it. Your toys, your rules. If your users don't like
the way you run your mailserver, including your decisions about who to
trust, they'll become your ex-users. I see no problem either way.
How much time and money per complaint are you willing to spend to
investigate these cases?
As much as they feel is warranted. Again, if you think you can do a
better job, go ahead and do it. If the mailadmins agree that yours is
better, nobody will use theirs.
[another message]
On Fri, Mar 05, 2004 at 07:20:59AM -0500, Daniel Feenberg wrote:
There is a difference between "centralized" and "cooperative". There is
nothing in the plan that I can see that suggests that they should be the
Where on the web site do you find the word "cooperative"?
All I can detect has the "centralized" direction, like in
ADDITIONAL REQUIREMENTS FOR LISTING OF ORGANIZATIONS NOT PERSONALLY
KNOWN TO ISIPP (NON-VOUCHED LISTINGS)
What makes you think there's anything centralized? It's _one_
organization. There should be as many such as people care to create.
And I surely don't want a service that has worldwide operating
ambitions and that is dependant on US law (I wouldn't like to have
one that solely is dependant on German law, either, no
antiamericanism here).
Any service is dependent on its local law. If you don't want to use
it, then don't. Nobody says you have to.
NSI had their monopoly handed to them by an inattentive government agency.
These guys will have to earn their market share - a completely different
matter.
And as soon as you have 4 or 5 of them you'd have to register with all
of them.
Why? You're making assumptions about the way mailserver admins will
operate, which are completely unwarranted. We have no way of knowing
how they'll act.
Just like with new TLDs which you have to register your trademark
with, if you don't want to loose it (in some countries) or want to
risk that some nerd registers e.g. ibm.biz and puts up a "homepage"
with "you all suck" on it.
I suppose you need to buy accounts with every ISP in the world so you
can have the Markus.Stumpf@<every ISP> just in case somebody else
might get that userid and say silly things from it, too.
And it has to be free of political influences of one country.
I don't mind if you run yours from Mars.
And what will happen, if that country decides that each and everyone
from another country is suddenly untrusted, because the whole other
country is a big danger for the security of the homeland and
politically or through legislation forces the database to remove all
the entries of entities from this specific bad country from their
database?
Then the services running from that country will lose a lot of
credibility elsewhere in the world, and their competitors in other
countries will gain (relative) credibility.
Is the reputation these entities have bought from an organisation
like the ISIPP then suddenly non existant? Do they get their money
back?
Depends on the contract (as voluntarily agreed to by both sides).
Will the organisation immediately shut down their service because
they (IMHO) failed?
I don't see any organization other than your shutting down because in
_your_ opinion they failed. I have seen organizations
(e.g. anon.penet.fi) shut down because in the opinions of _their
operator_ they failed.
And if not, what is then the worth of such a service?
That's up to the users.
This is nothing personal against ISIPP, but I think databases like
IADB are inappropriate and they trick users into a trust situation
that they can't provide.
Then don't trust them.
Seth
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg