On Mon, Jul 12, 2004 at 12:14:11PM -0400, Meng Weng Wong wrote:
http://www.itu.int/osg/spu/spam/chairman-report.pdf
18. Identification standards are being developed by a number
of industry and standards groups, such as IETF through
its MARID group, as well as by Internet Service
Providers, which are trying to collaborate to limit the
spread of spam. Although authentication systems are
deemed to be a critical part of the solution, their
implementation remains problematic, and the wide
adoption of a standard authentication method seems far
away. Furthermore, the cost of technical solutions, the
level of technical support necessary and the need for
continual updating, present cost issues for developing
countries, their ISPs and their users.
...which raises an interesting question in my mind: Are authentication
systems necessary, or would reputation systems suffice? I don't believe
I've seen an argument for an authentication system being able to do more
than a reputation system vis a vis spam prevention. At the end of the
day, they both say "this identity is or is not trustworthy". One is
based on credentials (and possibly money), whereas the other is based on
observed behavior.
--
Mark C. Langston Sr. Unix SysAdmin
mark(_at_)bitshift(_dot_)org
mark(_at_)seti(_dot_)org
Systems & Network Admin SETI Institute
http://bitshift.org http://www.seti.org