On Thu, Jun 24, 2004 at 04:42:05PM -0700, David Wall wrote:
Thanks, Douglas for your comments.
There are thousands of mail providers requiring no identification, nor
do any MARID proposals curtail this desirable freedom by respecting
economies that enable this service. The goal is to curtail the abuse
that increases costs that will eventually constrain this freedom. The
CSV-HNA-CSA approach attempts to identify domains submitting mail to
enable evaluation and follow-up as a means to curtail these costs.
As I said before, I don't believe this because all email that doesn't have
this identification stamp will be assumed to be suspect over time. In the
U.S., you can walk around with carrying identification. If businesses all
of a sudden (and they won't because it's bad business, just like this is bad
for email) started requiring identification to enter a store since it would
help them with theft issues, but said you don't have to have ID, you would
find that people would start showing their ID just to avoid being followed
everywhere they went in the store. The same will happen here in which all
non-authenticated email will be suspicious, will be further analyzed and
review, and will likely be tossed out in the fear of preventing spam.
[...snip]
Just to jump in here with a thought: with respect to email,
"identification" does not necessarily have to entail a 1:1 mapping to an
individual entity, nor does the "identification" have to have any ties
whatsoever to real-world identity. "Identity" can merely be a unique
identifying token with which an observed pattern of behavior is associated.
Where that unique token needs to be associated with a real-world entity
is when someone wants to hold that entity responsible and accountable
for the actions taken under the auspices of that unique token.
Accountability can also maintain separation from identification on one
face, though at some point someone or something has to map identity to
entity to enforce accountability. But at that point, your concern isn't
over identification, it's over enforcement of accountability, which is a
different issue, and one I don't believe MARID is chartered to deal
with.
--
Mark C. Langston Sr. Unix SysAdmin
mark(_at_)bitshift(_dot_)org
mark(_at_)seti(_dot_)org
Systems & Network Admin SETI Institute
http://bitshift.org http://www.seti.org