ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

FYI - US Government requesting information on E-Mail Authentication

2004-09-22 07:54:32
from [Richard Shockey] [Permanent Link] 

For Release: September 15, 2004

FTC, NIST to Host E-mail Authentication Summit

Adoption of Technology Could Help Thwart Spam

The Federal Trade Commission and National Institute of
Standards and Technology (NIST) will co-host a two-day
"summit" November 9-10 to explore the development and
deployment of technology that could reduce spam. The
E-mail Authentication Summit will focus on challenges
in the development, testing, evaluation, and
deployment of domain-level authentication systems.

A Federal Register Notice to be published today notes
that the FTC's National Do Not
E-mail Registry Report to Congress stated that
"significant security, enforcement, practical and
technical challenges rendered a registry an
ineffective solution to the spam problem." The report
identified domain-level authentication as a promising
technology that would enable Internet Service
Providers (ISPs) and others to better filter spam, and
would provide law enforcers a tool to locate and
identify spammers.

The Notice states that the Simple Mail Transfer
Protocol (SMTP) currently in use for
e-mail allows spammers to use techniques like
"spoofing," open relays, open proxies, and "zombie
drones" to remain anonymous, evade spam filters, and
elude law enforcers. "To remove this cloak of
anonymity, ISPs and others involved with the e-mail
system have proposed domain-level authentication
systems that would enable a receiving mail server to
verify that an e-mail message actually came from the
sender's purported domain," the notice says.

The FTC is seeking public comment on:

    * Whether any of the proposed authentication
standards (either alone or in conjunction with other
existing technologies) would result in a significant
decrease in the amount of spam received by consumers;

    * Whether ISPs that do not participate in an
authentication regime would face any challenges
providing e-mail services. If so, what types of
challenges these ISPs would face and whether these
challenges would in any way prevent them from
continuing to be able to provide e-mail services;

    * Whether an Internet-wide authentication system
could be adopted within a reasonable amount of time.
Description of industry and standard-setting efforts,
whether there is an implementation schedule in place
and, if so, the time frames of the implementation
schedule;

and 27 other questions listed in the Federal Register
Notice that will be discussed or addressed at the
summit.

Parties who wish to participate in the Summit must
send a statement to the FTC and NIST setting forth
their expertise in, or knowledge of, the issues by
September 30, 2004. The FTC and NIST will select
participants who submitted timely responses that
demonstrate expertise in or knowledge of the issues,
and whose participation would promote the
representation of a balance of interests at the
Summit.

The Commission vote to publish the Federal Register
Notice was 4-0-1 with Commissioner Jon Leibowitz not
participating.

Written comments should be identified as "E-mail
Authentication Summit-Comments," and written requests
to participate in the E-mail Authentication Summit
should be identified as "E-mail Authentication
Summit-Request to Participate." Written comments and
requests to participate should be submitted to:
Secretary, Federal Trade Commission, Room 159-H (Annex
V), 600 Pennsylvania Ave., N.W., Washington, DC 20580.
If submitting in paper form, parties must submit an
original and three copies of each document. The FTC
requests that any comment filed in paper form be sent
by courier or overnight service, since U.S. postal
mail in the Washington area and at the Commission is
subject to delay due to heightened security
precautions. In the alternative, parties may e-mail
comments and requests to participate to
authenticationsummit(_at_)ftc(_dot_)gov(_dot_) To ensure that the
Commission considers an electronic comment, you must
file it with the FTC at this e-mail address. For
further requirements concerning the filing of comments
and requests to participate, please consult the
Request for Comments and Requests to Participate
sections of the Federal Register Notice for the E-mail
Authentication Summit (linked to this news release on
the FTC Web site: www.ftc.gov.



>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Richard Shockey, Senior Manager, Strategic Technology Initiatives
NeuStar Inc.
46000 Center Oak Plaza  -   Sterling, VA  20166
sip:rshockey(at)iptel.org   sip:57141(_at_)fwd(_dot_)pulver(_dot_)com
ENUM +87810-13313-31331
PSTN Office +1 571.434.5651 PSTN Mobile: +1 703.593.2683,  Fax: +1 815.333.1237
<mailto:richard(at)shockey.us> or <mailto:richard.shockey(at)neustar.biz>
<http://www.neustar.biz> ; <http://www.enum.org>
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<


_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • FYI - US Government requesting information on E-Mail Authentication, Richard Shockey <=
Previous by Date:  Re: Scenario O Re: Upcoming: further thoughts on where from here, Brian E Carpenter
Next by Date:  Re: Scenario C prerequisites (Re: Upcoming: further thoughts on where from here), John C Klensin
Previous by Thread:  Re: Scenario C prerequisites, scott bradner
Next by Thread:  Re: Scenario C prerequisites (Re: Upcoming: further thoughts on where from here), John C Klensin
Indexes:  [Date] [Thread] [Top] [All Lists]