ietf-asrg
[Top] [All Lists]

Re: [Asrg] Email Postage (was Re: FeedBack loops)

2008-11-19 14:30:12
On Wed, Nov 19, 2008 at 11:04 AM, David Wall 
<d(_dot_)wall(_at_)computer(_dot_)org> wrote:



Why?  One need not verify that the Pitney-Bowes postage meter is working,
or the Post Office has paper stamps in stock to know that their letter needs
a stamp and that if you had one it goes on the upper right hand corner of
the envelope.

Yes, but the post office does. Otherwise we'd all print our own postage.
Again, postage is not a great example because you buy stamps to pay for the
services of the post office.  Email doesn't have such a clear "service
provider" as many companies run their own email servers and thus an ISP does
not provide them email.


You should print your own postage.  Not as a sender, but as the recipient.
It's up to you to the recipient to decide what the sender has to pay for the
postage, and how they require the sender to "pay".


If you can't validate the stamps, then who would care that they have stamps
on them?  Affixing stamps is easy if there's no way for "someone" to tell me
if the stamp is valid or just something any old party affixed like EVERY
PHISHING SCAM out there does today.  There's no advantage of having a stamp
if it's not reliable and meaningful and trusted.



 If I printed and distributed my own "stamps", I know what's valid, but I
think that's beside the point.  What I'm saying is that the
conversation about franking and validation of "stamps" is premature to the
conversation of how stamps might be used.

There are a multitude of ways that stamps might be created and verified, as
the sender of a message, you shouldn't care whether I can accurately
validate the stamp, only that you know how to get one and affix it to a
message because you believe that I'll do something with it.



    I suggest we separate the discussion of how to "use" a stamp from the
discussion of how reliable/affordable/scaleable/secure stamp
franking/verifying routines are.

If there's no value of having the stamp, then this will not reduce spam.


I didn't say there is no value to having a stamp.  I'm saying that the
sender doesn't need to know how I, the recipient, generated a stamp or plan
to validate it.  Only that a sender needs to know that I require a stamp,
and how to obtain one.


So why build a new "stamps system" that would cost somebody money (right?)
and would require somebody to check them to make them useful if it has no
more value than the existing solutions out there today?


That depends on your definition of a "stamps system".  The only thing I'm
suggesting is a standard format for stamps and how they are affixed to
messages.  No one would require senders to provide stamps, except possibly
the recipient.

True, to be useful, details need to be worked out on how recipients generate
and distribute "stamps", but those details aren't necessary to define a
format for using stamps, nor would I expect those details to remain static
over time.

I envisage a distributed "stamps system" where recipients (or their ISP's)
print and verify their own postage.

Gerald
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
https://www.irtf.org/mailman/listinfo/asrg