On Sun, Mar 21, 2004 at 12:46:26PM -0800, Greg Connor wrote:
Mark and Wayne-
I think you two agree more than you disagree. May I suggest that you try a
bit harder to state your own positions concisely, rather than concentrating
on DISagreeing with what the other person said?
Understood and agreed. My position:
* I'd prefer a solution that focuses on RFC2821 identity enforcement (at
least until there's more data in on the relationship between RC2821 and
RFC2822 data and the correlation of those relationships with
undesireable* uses of email).
* I'd prefer this solution accomodate uses of a single identity across
multiple providers and layer 1/2 transit types in a relatively robust
manner (possibly using a client-side, authenticated dynamic update
method where necessary; not as an addition to MUAs at first, but as a
standalone daemon).
* I'd prefer this solution preserve the ability to non-abusively alter
RFC2821 and RFC2822 identities, without forcing certain information into
the RFC2822 From: header (unless it's in the form of a comment, rather
than a complete From: header substitution).
* I'd prefer this solution place as much of the burden on MTA admins,
and as little on the end-user as possible. The solution should be
transparent to the end-user.
* I'd prefer this solution be something layered on top of existing MTAs
(at first), rather than rewriting rewrites of existing MTAs, to ease
adoption and transition.
(*NOTE: I'm trying to eliminate perspective-based language from this,
but I find it difficult. Perhaps if we were to focus on one or two
well-defined and well-known problems, such as joe-jobs, it'd clarify
things further. I'm willing to s/undesireable uses of email/joe-jobs/g
, because the need to define a tractable problem here is evident.)
--
Mark C. Langston Sr. Unix SysAdmin
mark(_at_)bitshift(_dot_)org
mark(_at_)seti(_dot_)org
Systems & Network Admin SETI Institute
http://bitshift.org http://www.seti.org