I come from the line of thinking that we have a very unique
opportunity here. EVERYONE hates spam. The entire world will get
behind whatever it takes that will stop this
I think it is quite obvious just from the discussions here that there
is no agreement whatsoever about "whatever it takes that will stop
this" is. We have way too many attempts to standardize paper designs
with nowhere near enough experience to figure out what the scaling
problems will be, how effectively they'll solve the problem they're
supposed to solve, how the bad guys will attack them, and what the
pleasant or unpleasant side effects will be.
We have CSV and BATV on the table. BATV is quite deliberately
designed with no callbacks or DNS lookups. CSV is designed to do a
small number of DNS lookups. We understand the scaling issues because
they have an I/O behavior similar to existing mail software. We
deliberately designed them to avoid doing new things, to make them be
low-risk. Callbacks are not low-risk.
We don't understand the scaling issues of any callback scheme, because
nobody's ever tried one on a large scale. Having done my PhD thesis
on databases, I have a reasonably good idea what's involved in
building a database that has the very high update rate that a callback
database needs, and it's a hard problem, since update performance
scales much worse than linearly and is hard to parallelize. The size
of each datum isn't important here, it's the number of updates and the
number of data sources (like the hundreds or thousands of outbound
MTAs that AOL or Yahoo have.) We also don't understand the attacks
that bad guys will try and the side effects that they'll cause.
Maybe SES et al have solved all these problems, but maybe they're
going to run into the same problem that everyone else who's tried to
build such things have. I would be surprised if other people with
database experience were any more sanguine about this problem.
That's why C/R systems really truly need their own working group where
they can try their ideas out and get enough experience to make them
plausible. I know that the proponents of SES think that they've
solved all the problems, but it's just not persuasive yet in view of
all of the history that says it's butting up against hard problems.
So go prove me wrong, but you're going to have to build stuff to do it.
Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet
for Dummies",
Information Superhighwayman wanna-be, http://www.johnlevine.com, Mayor
"A book is a sneeze." - E.B. White, on the writing of Charlotte's Web