On 12/30/2010 9:49 PM, John R Levine wrote:
I'm not wedded to the CNAME hack.

Actually, I was thinking about that. Consider a hack on a DNS server
that gives all records an absolute expiry time that marches forward
in (say) 5-minute intervals. Then when the DNS server is queried,
the TTL is computed to be the difference between the current time
and the next absolute expiry.

That had occurred to me. Another possibility is to embed serial numbers
in the records and if the client sees it's out of sync, it goes back to
the root and starts over.

PS: While you're at it, SMTP needs to be replaced, too.

Apples and oranges. SMTP was designed for sending email, which
it excels at. The DNS was designed as essentially a distributed
lookup table. It was never designed to be warped into a read-only
B-tree. :)

Snerk. SMTP was designed for a network with no security where everyone
behaved themselves and all the mail was ASCII text. We shoehorned in
formatted mail and file attachments with MIME, kludged in some security
with S/MIME and later SPF and DKIM, and are now in the midst of a
really, really big kludge to try to add Unicode addressing in EAI. It
passed its best-by date decades ago, but it shares with the DNS the fact
that it exists, and the putatively better alternatives don't.*


Haw.

All that a SSL certificate in S/MIME does is verify
that the e-mail sender is who they say that they are.

But, they can still screw you over.  Nothing is stopping someone from
putting up a SSL website that has non-working john thomas enlargement
pills on it, obtaining a SSL certificate from Verisign, and proceeding
to screw the public out of their hard-earned money.

Verisign will happily give them a SSL certificate because they AREN'T
HIDING.

Nothing is preventing a spammer from doing the same with S/MIME or
SPF or DKIM or any of the protocols you think "kludged in security".
Well they didn't.  I get plenty of spam that passes SPF and DKIM.

Even if SMTP made SSL certificates
mandatory so that you knew EXACTLY who was spamming you, they WOULD
STILL SPAM you. S/MIME does absolutely nothing to guarantee that
the data you get is legitimate.  And this is why all of the SMTP
alternatives that have been proposed over the years have FAILED.  It
is not because of entrenchment - entrenchment didn't help to limit
hard drive sizes so that even modern hard drives of 2TB will work
on old motherboards that only speak CHS.  It is because the idea that
a new SMTP protocol will somehow guarantee that mail you get isn't
full of garbage is a mirage.

Why don't you ask all those people who invested in Bernie Madoff if
knowing who screwed them over is going to help them get the money
that Bernie made off with back?

The UNIX philosophy has been to build more complex systems out of
simple systems. It has survived to this day against ALL OTHER
computing philosophies because of the fundamental correctness of
this philosophy.

And SMTP is the same philosophy.  Unicode addressing should rightly be
an add-on to a simpler system.  And frankly the biggest proponent of
EAI is China - and why do you think that this is?  It's because the
Chinese government wants to make it even more difficult for their
citizens to interact with the rest of the world - they want to control
information.  Look at the Japanese who use the same characters
and they don't have a problem with Latin-character e-mail addresses.
China does - because they want to make it difficult for outsiders
to send e-mail to their citizens.  Their people have no problem
sending mail to each other using Latin e-mail addresses because
they can type those characters on their computers.  But the rest of
the world does not have Chinese characters on their keyboards so EAI
makes it real hard to e-mail Chinese people - and that's the way that
the Chinese government wants it.  You don't see the same interest
in EAI in Taiwan.

Look at the intro attempts of diacritics into .cz. The Czechs
themselves are opposed to it - they just yet again went against it in
the 4th survey that was just taken last month.  You want to know what
their biggest objection is?  More complicated access for foreigners,
that's what it is.

Read the story of the Tower of Babel.  The general public knows it
and does not want the Internet to turn into another Tower. End users
all over most of the world WANT to interact with foreigners. They DO
NOT want to have the Internet on their piece of the world to
become incompatible with everyone else.  ASCII and the Latin characters
that make it up are the lowest common denominator and everyone's whore
and the end users of the world want it that way for e-mail addresses.

Ted


Regards,
John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY
"I dropped the toothpaste", said Tom, crestfallenly.

* - Well, OK, X.400 exists. Sort of.
