On Tue, Nov 25, 2008 at 9:45 AM, J.D. Falk <jdfalk(_at_)returnpath(_dot_)net>
wrote:
On 24/11/2008 17:24, "Gerald Klaas" <gklaas(_at_)sacto(_dot_)com> wrote:
Goodmail has already shown that tokens can work, and that the
economics can work. I think the question becomes, is the Goodmail
profit margin big enough that large ISP's would be interested in
transitioning
to an open, non-proprietary system where they can sell tokens to large
BBM senders directly (and keep Goodmail's cut of the action) ?
Doesn't look like it, so far. I suppose that could change in the future,
but right now ISPs are still forced to more in anti-spam technology than in
pro-marketing technology.
But in any case, remember that a standardized token-clearing system won't
be
the end of the story -- or even the beginning. As Daniel Dreymann pointed
out, "It was a challenge to build a scalable clearinghouse...but the
processes supporting the accreditation of senders, reputation monitoring,
security, feedback loops, reporting, UI, etc. have proven to be at least as
complex."
I completely agree. That's one of the main reasons I think the discussion
needs to be split between how a transaction occurs, whether through tokens
or
ESMTP extension, or some new TBD MTA technology and then
what happens within the transaction whether it's micropayment, sender
authentication, hashcash, value transfer, etc.
From my view, there's great benefit in understanding the requirements of
a system before trying to build it. ( But then maybe I've had too many
professors and managers preaching to me about SDLC. )
In the reading I've done on hashcash, it seems there is valid debate about
whether or not e-mail should ever be "allowed" to be anonymous.
It seems there's usually valid debate on this list about whether or not
e-mail should include per piece metering (to include micropayments).
If one were to assume that a recipient should be able to determine their
own requirements with respect to veracity of sender identity and "cost"
related to bypassing SPAM filters, would such a system even be possible?
Would it make sense to allow users the freedom to make such choices?
Or are we debating with preconcieved notions that ISP's need to make
global decisions about these two parameters before any new technology
can succeed?
Every closed system I've seen makes some global decision about how
to verify senders, and the cost related to messages. Are we debating
the answers to globally unanswerable questions? Personally, I see
those answers as a configuration requirement for individual recipient
profiles in the FUSSP. Recipients have to be able to answer those questions
for themselves and accept the risk and reward of their choices.
There are lots of people who already use personal filters that try to strike
a balance. For example, Scott Adams requires "Dilbert" to be in the subject
line
of incoming mail. His sender identity test isn't the same as what Goodmail
uses,
his only requires senders to know his "public key". His "public key"
isn't
used as an encryption key, and it isn't distributed the same way as PGP
keys,
but it is effective *enough* for his purposes.
I whole heartedly agree that any FUSSP that uses micropayments will
have a huge sender identity and verification issue, but isn't that external
to how notice of a micropayment is transferred in a mail exchange? Maybe
for a lot of users, sender identity at the level of "Dilbert" is good
enough.
Who should choose, the recipient or his ISP?
Gerald
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
https://www.irtf.org/mailman/listinfo/asrg