Re: New incompatible Tricks promotes change
2007-12-06 12:08:33
On Dec 6, 2007, at 2:06 AM, Hector Santos wrote:
Change promotes chaos which strives for equilibrium which instigates
a new round of survival of the fittest, deviation and imperfection,
thus the cycle begins again.
Trick XYZ requires change like any other trick. If change is what we
want, IMO your particular trick no longer applies - there are by far
more simpler solutions.
SMTP v3.0 needs registration and enforcement ideas. Thats all - two
fundamental ideas that we are very careful not to revisit again.
Hector,
Even when everything is authenticated, some type of temporal, opaque
identifier is needed to deal with repeatedly abusive sources.
Registration serves as a means to rate-limit abuser access, but that
is not a complete solution.
TBR allows offering "questionable" transmitters a choice -
1) Receive a temp error, or
2) Provide a nonspoofable, content immutable, and opaque source
reference
The TBR reference does not require receivers to expend resources
associated with obtaining keys, cryptographic analysis, obtaining
extensive address list of all hosts used on behalf of a domain, or
investigating all permissions at every hop. Bot nets are making
receiver resource intensive analysis impractical, to say the least.
Expect registration and enforcement to be the role of different
parties. Don't expect email providers to proactively play the role of
enforcer. They naturally have conflicted interests with a desire is
to attract as many users as possible. A large number of users in
itself, allows, and may invite, lax enforcement. Those offering
access to services often operate at thin margins where customer
support represents a substantial component of their overhead. Dealing
with a compromised system often requires hours of labor and a high
level of interaction.
There are lucrative business models for either party, however SMTP
currently and significantly lacks a means for fine grain enforcement.
The interests of those offering registration are significantly
different from those attempting to keep lines of communication clear.
Those offering email services and those blocking abuse should not be
seen as being adversaries. The latter is more prone to DDoS attack
where it is very much in their interest to keep the number of
compromised systems in check. As such, they offer notification with a
place to go for resolution, many such companies even offer free
remdiation.
TBR is not a trick defeated by changing a message's format. TBR can
not be defeated by lying about some header within the message. TBR
does not depend upon _anything_ that would give the transmitter an
advantage over that of the receiver. In that sense, TBR can remain a
long term solution unlike most other efforts or proposed solutions.
By not having any identifier with a granularity smaller than the
domain or the client's IP address, too often those providing
enforcement have created problems for the providers. This tends to
put them at odds. Levels of abuse can be expected to rise unless
finer grain enforcement becomes possible. After all, we all want to
get along. Sounding a bit like Jerry McGuire, help us to help you.
TBR offers a fine grain, opaque, identifier at an extremely low
resource cost from the perspective of the receiver. TBR is NOT about
conserving the Internet. TBR is about providing an effective and
scalable mean of enforcement which acknowledges the different roles of
transmitter and receiver, or email and anti-abuse provider. TBR is
not a clever trick. It is dead simple and can be very effective.
-Doug
|
|