RE: Certificate / CPS issues

2003-06-06 08:50:06
Regarding a "passport" mechanism, have you taken a look at
www.habeas.com?  Specifically, they offer such a "this is not spam"
warrant mark, and the pricing for individuals is free.  The trick is
that they use copyright and trademark law as the enforcement mechanism. 

(NB: I helped start the company.)

          - dan
--
Dan Kohn <mailto:dan(_at_)dankohn(_dot_)com>
<http://www.dankohn.com/>  <tel:+1-650-327-2600>

-----Original Message-----
From: Graham Klyne [mailto:GK(_at_)ninebynine(_dot_)org] 
Sent: Friday, June 06, 2003 03:50
To: Hallam-Baker, Phillip; 'ietf(_at_)ietf(_dot_)org'

At 12:12 05/06/03 -0700, Hallam-Baker, Phillip wrote:
A spam sender could attempt to use disposable certificates in the same
way that IP addresses and dialup accounts are considered disposable.
This is unlikely to work for long, the spam sender can set up lots of
shell companies at the same address but if the CA keeps authenticating
to the same address or phone number the pattern will soon become
apparent.

Hmmm... is there an economic play here?

<background>
First, briefly, my view of the spam situation.  I don't think it's
fundamentally an Internet protocol design issue (though some design
tweaks may help).  Essentially, I think people currently have the
choice of
(1) putting filters in place and accepting the loss of some non-spam
mail, or
(2) accepting a deluge of spam, and not losing any mail.  In practice, I
think this option doesn't exist, because I find that (lacking spam
filters) I do lose a few pieces of non-spam mail because I don't
recognize the sender or subject.  So I see a way forward to be a
"passport" mechanism to reliably bypass automated spam filters, a kind
of whitelist++.
</background>

So back to my question: is there an economic play here?

(I was offered the opinion once that a big *disadvantage* of email
compared with fax for business transactions was that it has almost zero
incremental cost of use.)

I'm thinking of a cert issued for a small sum of money, without any
authentication other than the purchaser promises something like "I
promise not to spam with this certificate".  At the earliest evidence of
it being used for spamming, it is revoked.  The price should be small
enough to be accessible to any reasonable person, but high enough that
the bill for daily or hourly renewal would become significant.

Maybe crazy, just thinking aloud...

#g


-------------------
Graham Klyne
<GK(_at_)NineByNine(_dot_)org>
PGP: 0FAA 69FF C083 000B A2E9  A131 01B9 1C7A DBCA CB5E


_______________________________________________
This message was passed through 
ietf_censored(_at_)carmen(_dot_)ipv6(_dot_)cselt(_dot_)it,
which is a sublist of ietf(_at_)ietf(_dot_)org(_dot_) Not all messages are 
passed.
Decisions on what to pass are made solely by Raffaele D'Albenzio.



