- From: James A. Donald <jamesd@echeque.com>
- Date: Tue, 20 Jun 2006 20:25:09 +1000
- To: "Hallam-Baker, Phillip" <pbaker@verisign.com>
- CC: public-usable-authentication@w3.org
-- James A. Donald > > Negative consequences are hard to impose across the > > net. Hallam-Baker, Phillip: > True, but this has never been the part that has > worried me personally. There seem to be plenty of folk > willing to do consequences, probably too many. I don't think so: We're public guardians bold yet wary And of ourselves we take good care To risk our precious lives we're chary When danger threatens we're not there But when we see a helpless woman Or little boys who do no harm… We run them in, we run them in We run them in, we run them in To show them we're the bold gendarmes When young men like to make a riot And punch each other’s heads at night We are disposed to keep it quiet Provided that they make it right But if they do not seem to see it Or give to us our proper alms… We run them in, we run them in We run them in, we run them in To show them we're the bold gendarmes Sometimes our duty’s extramural Then little butterflies we chase We like to gambol in things rural Commune with nature face to face But when we go back to our duties Refreshed by Nature’s holy charms… We run them in, we run them in We run them in, we run them in To show them we're the bold gendarmes By and large, courts have worked for the spammers rather than the spammed. > Lets get the criminal spammers first, then work on > consequences. I think that DKIM helps target the > consequences much better, it is possible to identify > the manager responsible for the spam run, it is > possible to measure reputation in real time. DKIM does not identify the manager responsible. It identifies the domain name responsible, and the most effectual remedy is to black list the domain name. And right now I have no usable sofware that will blacklist and whitelist authenticated email on the basis of the proven originating domain. James A. Donald: > > Much of the time we are not really interested in > > ascertaining true names. Hallam-Baker, Phillip: > That is a byproduct. The intention of the Class3 > authentication process is to ensure a high degree of > probability of identifying the perp who applied for a > cert. Right now no one gets CA certificates for their mail. If you make it harder to get certificates, even fewer would get certificates, were it possible for the number to drop below zero. Class three certificates are a wet dream of certification authority accountants. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG cD42agYS5ZgdTl3MJ+xmSYJ5OQXcbOOlmn1GuGul 4qZAcX8QKv5ybQx0Gdm8jcdMGn0US3Bd5Kw+EmJvk
Received on Tuesday, 20 June 2006 10:25:06 UTC