[Top] [All Lists]

Re: [ietf-smtp] [Shutup] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)

2015-12-11 09:31:36
Friday, Dec 11, 2015 9:48 AM Ned Freed wrote:
And give up the email address they've had for many years, which they have 
to all their friends and customers, printed on their business cards, 
to mailing lists, and perhaps most importantly, attached to all of their
online accounts, some of which can only be changed by abandoning the account,
with all that implies?

Yes, once, so as to get out of the trap.   Honestly, this is not rocket 
science.   My sister, who is really not fond of computers, runs a nonprofit 
with its own domain, and her email address is in that domain.   She has a fully 
functional mail setup which, if Google stopped doing a good job, would be 
immediately transferable to another mail service provider.

My wife, who is a good web designer but not particularly conversant in mail 
headers, gets her mail service from a web hosting provider.   They have been 
doing a perfectly adequate job.   She has her own domain.   If they start 
sucking, she can switch to Google, or have me operate her mail service, or take 
some other option.   She is not locked in.

I've lost track of the number of times I've patiently explained to someone 
their problem was the result of crap service from their provider. I can count
on the fingers of no hands the number of times this has resulted in them
changing providers.

Right, you've been providing them with free support.  Why would they switch?   
This is precisely my point.   You are their service provider, and you are 
protecting them from the hassles they would otherwise endure at the hands of 
their nominal service provider.   If you could no longer provide the help you 
have been providing because we closed down this privacy loophole, they would 
suddenly have some clarity about their situation, and maybe take action to do 
something about it.   And you could provide them with really good advice on how 
to do that in a way that avoids them being locked in again to their next mail 
service provider, if that provider should turn out to suck.

In an ideal world, maybe. But here in the real world we have to take factors
like provider lock-in into account in assessing these tradeoffs.

I don't think that we should design protocols to account for provider lock-in.  
 It's not that hard to get out of a lock-in situation: start a new mail account 
that's not locked in, and gradually switch to it.   Use a high-entropy password 
on the old account so that the botnets can't crack it.   Done.   This is really 
just _not_ a hard problem, Ned.   Even if you have to keep the old account 
around in a read-only state for a decade, it's not a significant amount of 
money or effort.

Sent from Whiteout Mail -

My PGP key:

Attachment: pgpbrNI9hI1V2.pgp
Description: PGP signature

ietf-smtp mailing list
<Prev in Thread] Current Thread [Next in Thread>