- From: James A. Donald <jamesd@echeque.com>
- Date: Tue, 20 Jun 2006 20:25:09 +1000
- To: "Hallam-Baker, Phillip" <pbaker@verisign.com>
- CC: public-usable-authentication@w3.org
--
James A. Donald
> > Negative consequences are hard to impose across the
> > net.
Hallam-Baker, Phillip:
> True, but this has never been the part that has
> worried me personally. There seem to be plenty of folk
> willing to do consequences, probably too many.
I don't think so:
We're public guardians bold yet wary
And of ourselves we take good care
To risk our precious lives we're chary
When danger threatens we're not there
But when we see a helpless woman
Or little boys who do no harm…
We run them in, we run them in
We run them in, we run them in
To show them we're the bold gendarmes
When young men like to make a riot
And punch each other’s heads at night
We are disposed to keep it quiet
Provided that they make it right
But if they do not seem to see it
Or give to us our proper alms…
We run them in, we run them in
We run them in, we run them in
To show them we're the bold gendarmes
Sometimes our duty’s extramural
Then little butterflies we chase
We like to gambol in things rural
Commune with nature face to face
But when we go back to our duties
Refreshed by Nature’s holy charms…
We run them in, we run them in
We run them in, we run them in
To show them we're the bold gendarmes
By and large, courts have worked for the spammers rather
than the spammed.
> Lets get the criminal spammers first, then work on
> consequences. I think that DKIM helps target the
> consequences much better, it is possible to identify
> the manager responsible for the spam run, it is
> possible to measure reputation in real time.
DKIM does not identify the manager responsible. It
identifies the domain name responsible, and the most
effectual remedy is to black list the domain name.
And right now I have no usable sofware that will
blacklist and whitelist authenticated email on the basis
of the proven originating domain.
James A. Donald:
> > Much of the time we are not really interested in
> > ascertaining true names.
Hallam-Baker, Phillip:
> That is a byproduct. The intention of the Class3
> authentication process is to ensure a high degree of
> probability of identifying the perp who applied for a
> cert.
Right now no one gets CA certificates for their mail.
If you make it harder to get certificates, even fewer
would get certificates, were it possible for the number
to drop below zero. Class three certificates are a wet
dream of certification authority accountants.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
cD42agYS5ZgdTl3MJ+xmSYJ5OQXcbOOlmn1GuGul
4qZAcX8QKv5ybQx0Gdm8jcdMGn0US3Bd5Kw+EmJvk
Received on Tuesday, 20 June 2006 10:25:06 UTC