"Hallam-Baker, Phillip" <pbaker(_at_)verisign(_dot_)com> wrote:
I believe it is possible to run a blacklist for certain very narrow
purposes in a legal, useful and acceptable fashion. I do not think
it is remotely possible to stop spam through blacklists.
It is clearly possible to block a lot of it that way.
Is there a reason you seem to be opposed to such blocking?
I don't believe in anonymous reputation services.
They exist. Deal with it. Or continue to deny it; I don't have to
care.
If blacklists are going to demand accountability they must accept
accountability - from all parties they affect, not just the ones they
choose.
I haven't seen anything about blacklists that "demand accountability";
rather, they just provide information.
If you choose to create a "blacklist of blacklists" that lists the
ones that aren't sufficiently well-identified to satisfy you, go for
it. I'm sure all those who agree with you will use it appropriately.
I believe in the democratic rule of law, no exceptions. If the legal
system is broken then it has to be fixed.
What do "opinion servers" and "fact providers" have to do with "the
democratic rule of law"?
There are plenty of blacklists that operate in the open.
So you have no shortage of ones to use, if you want to.
I do not believe that it should be legal for a public service ISP to
use any anonymous blacklist service to filter customer's mail.
The Constitution of the US disagrees with you. Read up about "freedom
of contract" sometime.
But I'll happily allow you to define the phrase "public service ISP"
not to include those that use anonymous blacklist services; entities
that want to use such services can call themselves "private service
ISPs" or just "ISPs".
When we started VeriSign nobody else dared to run a public service
CA because they feared the liability issues. Today the liability
issue is considered irrelevant by many CAs and CA customers (heh,
they got a surprise comming).
How much did you lose for that bogus Microsoft certificate?
The reason is that VeriSign did such
a good job of anticipating the legal issues and pre-empting them.
Such as defining contracts to say "we have no liability". That would
seem like a good thing for blacklists to do as well.
The blacklist I am currently looking to establish will probably not
block any spam at all, it will block less than 1% of the web sites
mentioned in spam, hopefully though it will block 80%+ of a certain
type of fraud.
Fine with me.
I want the blacklist to be used near universally,
That's very unlikely to happen.
Seth
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg