ietf-mxcomp
[Top] [All Lists]

Re: FTC stuff 0) Lies 1)Yahoo & DK. 2)GoDaddy DNS & SPF & CSV. 3)Dean & FUSSP. 4)Testing 5)EFF, Anonymity.

2004-11-20 12:04:49

0)Some lies and misleading statements from Microsoft's Harry Katz (& Ryan):

The Microsoft people came to make political statements, not technical
ones.  It was dismayingly clear that Harry et al have decided that
Sender ID's technical failures don't matter.  I wouldn't call it
lying, perhaps corporately enhanced myopia.

1)Did the Yahoo folks at the FTC conference say that they would be 
signing all outbound mail by now, and would be checking incoming mail soon?

I just checked and they're signing my free Yahoo mail.

Is the replay problem solved?  Until it is, I see no point in deploying 
DK or IMM, since they won't work long term.

What replay problem?  The fact that a recipient MTA can forward a
message and not break the signature is a feature, not a bug.  If you
want to avoid accepting old stale mail, you can always check the
header date which DK and IIM should be signing.  The point of DK or
IIM is to say that the putative author really is the author of a
message, and if a recipient remails it, that doesn't change.  It does
put the onus on message authors to avoid sending mail to recipients
who will misuse it, but that's nothing new.

The alternative is to take a big gulp of SPF kool-aid and decide that
mail forwarding has, after 20 years, stopped being part of the way
that SMTP mail works.  I hope we don't want to go there.  If we want
SPF, we all know where to find it.

5)EFF, Anonymity.

At last year's FTC spam forum Cindy Cohn, who is otherwise a very
smart person, didn't have a clue about e-mail, and it was clear last
week that the EFF hasn't learned anything in the meantime.  It was
pretty telling that Annalee said she sorts through 2000 spams a day by
hand and apparently thinks that's a useful way to spend her time.

The folks from the FTC running the conference.  They get it.  I was
pleasantly surprised.

Yes indeed.  Too bad the Congress hasn't given them better tools to
work with.





-- 
John R. Levine, IECC, POB 727, Trumansburg NY 14886 +1 607 330 5711
johnl(_at_)iecc(_dot_)com, Mayor, http://johnlevine.com, 
Member, Provisional board, Coalition Against Unsolicited Commercial E-mail


<Prev in Thread] Current Thread [Next in Thread>