"Anders Rundgren" <[EMAIL PROTECTED]> writes:
> How should a good system have been designed? The IETF should have
> recognized the obvious: e-mail is a TWO-DIMENSIONAL identity and
> thus trust structure. That is, domains (MTAs) should
> authenticate/encrypt to each other, preferably using the in fact not
> too useless SSL PKI. Then end-users should authenticate to the
> mail-servers. As they already do that for fetching mail it is odd
> that it is not required for sending mail. There is very little
> reason for end-to-end security in a corporate environment. In fact,
> archiving and automatic content control (including virus checks)
> mostly make encryption a bad choice in such environments.

there is a separate issue ... ISPs for a long time tended to not want to take responsibility (and therefore liability) for spam origination. had this argument maybe ten years ago about ISPs filtering incoming packets based on things like bogus origin ip-address (various kinds of spoofing attacks ... not totally dissimilar to phishing attacks with bogus origin). even as late as 5-6 years ago, the counter arguments were that ISPs had neither the processing capacity nor the technology capability for recognising incoming packets and filtering packets that had bogus origin ip-address.

However, in this period, ISPs were starting to do all kinds of other packet/traffic filtering & monitoring of their customers for things in violation of the terms & conditions of their service contract (proving that they did have the capacity and technology).

A possible scenario is if ISPs somehow demonstrated that they were doing filtering/censoring on things coming from their customers before it got on the internet ... if something actually got thru and reached a destination victim ... the destination victim might be able to turn around and sue the originator's ISP. I think that ISPs want to avoid being seen as financially liable for bad things that might be done by their customers.

the other counter argument raised was that even if responsible ISPs started censoring activity of their customers ... there were enuf irresponsible ISPs in the world that it wouldn't have any practical effect. However, there is a multi-stage scenario

1) responsible ISPs might be able to do origin filtering on 90% of the bad traffic,
2) doing origin censoring rather than destination censoring eliminates a lot of infrastructure processing overhead getting between the origin and the destination,
3) for store & forward traffic, responsible ISPs could still perform entry censorship at the boundaries where it crosses from an irresponsible ISP to responsible ISP.

in many of these situations it isn't whether the receiving can absolutely prove who the originator is .... it is whether the originator is generating traffic with spoofed address that the originator's ISP would have reason to know isn't consistent with the originator's assigned address.

Not too long after the greencard incident ... we were on a business trip to Scottsdale and having dinner at a restaurant in old town. Three people came in and were seated behind us (a man and a couple). The man spent most of the dinner explaining to the couple how to configure their service for commercial purposes ... and how he was going to be able to send out loads of spam on their behalf (if they would sign up with him); the techniques he had for staying ahead of the ISPs that might want to get around to shutting down one or another of his spam producing facilities (we suspected that the man doing the talking might have been involved somehow with the greencard incident).

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
_______________________________________________
mozilla-crypto mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-crypto
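
The origin check described in the message above (is a packet's source address consistent with what the originator's ISP assigned to that customer), sketched as an added example that is not part of the original post. The port names, prefixes and packets are constructed for illustration; the check needs no knowledge of who the real sender is, only of the ISP's own assignments.

```python
import ipaddress

# Constructed sample data: prefixes a hypothetical ISP assigned per customer port.
ASSIGNED = {
    "cust-a": ["192.0.2.0/28"],
    "cust-b": ["198.51.100.64/26", "2001:db8:42::/48"],
}
NETS = {port: [ipaddress.ip_network(n) for n in nets]
        for port, nets in ASSIGNED.items()}


def source_is_consistent(port, src):
    """True if src lies inside a prefix the ISP assigned to this port."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # unparsable source address: treat as bogus
    # Unknown ports have no assignments, so every source on them fails.
    return any(addr.version == net.version and addr in net
               for net in NETS.get(port, []))


def filter_at_origin(packets):
    """Split (port, src, dst) tuples into (forwarded, dropped) lists."""
    forwarded, dropped = [], []
    for pkt in packets:
        port, src, _dst = pkt
        (forwarded if source_is_consistent(port, src) else dropped).append(pkt)
    return forwarded, dropped


# Constructed packets as seen on the ISP's customer-facing ports.
PACKETS = [
    ("cust-a", "192.0.2.5", "203.0.113.10"),           # customer's own address
    ("cust-a", "198.51.100.70", "203.0.113.10"),       # another customer's address
    ("cust-b", "198.51.100.70", "203.0.113.10"),       # customer's own address
    ("cust-b", "2001:db8:42::1", "2001:db8:ffff::1"),  # customer's own IPv6 prefix
    ("cust-b", "10.0.0.1", "203.0.113.10"),            # never assigned to cust-b
    ("cust-x", "192.0.2.5", "203.0.113.10"),           # port with no assignment
    ("cust-a", "not-an-ip", "203.0.113.10"),           # malformed source
]

if __name__ == "__main__":
    fwd, drop = filter_at_origin(PACKETS)
    print(f"forwarded {len(fwd)}, dropped {len(drop)}")
    for port, src, _ in drop:
        print(f"  drop: {src} is not assigned to {port}")
```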
