John writes:
> In a move that is, overall, unusual given the "sell standards to
> support the business" model, [ISO] have made part of the 3166-1
> list (the alpha-2 codes --which are what we use-- and the
> short-form country names) available "for internal use and
> non-commercial purposes" onlin
Nathaniel writes:
> Weird things often seem to come in threes. The third IP-related
> insanely greedy weirdness for last week involved the Dewey Decimal
> system and its current corporate, er, guardians:
>
> > http://www.newsday.com/news/nationworld/wire/sns-ap-dewey-decimal-
> > defenders,0,2420
Dan writes:
> Proves ICANN is not interested in the integrity of the DNS to have
permitted
> this.
ICANN is probably busy trying to find a way to copyright the root domain.
Everyone wants his slice of the unlimited possibilities for manufactured
wealth inherent in IP law.
Dean writes:
> In fact, the 3 most popular browsers, MSIE, Netscape,
> and Mozilla, which account for perhaps 90% of the browser
> market, do not display "Page not found", but take you
> to MSN, and Netscape search pages, respectively.
That's easy to turn off, and I do so routinely.
Valdis writes:
> The same week as Verisign's stunt. Coincidence? Maybe
> not... ;)
Are there drugs that produce irrational greed?
Dean writes:
> However, there is a distinction between mail routing, an MTA
> function, and mail submission, an MUA function.
Not in the SMTP protocol.
Dean writes:
> I think you have pointed out that this is indeed the function of a mail
> server, not a mail client. It is a bug.
SMTP makes no distinction between servers and clients. It's not a bug.
Dean writes:
> No, its not valid for a mail client to make direct
> connections.
There is no distinction between a mail client and a mail server in SMTP. It
is perfectly valid for either to deliver mail directly to another SMTP
server.
Jim writes:
> Correct me if I'm wrong, the principle disruption -- and I want to
> emphasize disruption here -- I've seen is that a particular spam
> indicator no longer works as expected. Is there more to this than that?
You could make many random DNS requests of a DNS server and flush the cach
Valdis writes:
> Out of curiosity, where did Verisign get the right
> to have the advertising monopoly for all the eyeballs
> they'll attract with this?
They didn't.
And there's even a way for individuals to stop it: Type an incorrect
spelling for a famous trademark. When Verisign puts up its
Andrew writes:
> What Verisign has done pre-empts that choice for everyone.
There's a simple way to stop Verisign: Type a domain name corresponding to
a registered trademark (or a near spelling of a registered trademark), for a
domain that isn't registered. When Verisign comes up with its own p
Tim writes:
> But a year ago we didn't have Abilene, GEANT
> or a large number of European NRENs offering
> a native IPv6 service.
A year ago, my parents weren't using IPv6, whereas today ... they still
aren't using it. When their connection is IPv6, I'll know that it has
arrived.
The more perv
Didn't the DoD officially adopt Ada about 20 years ago?
- Original Message -
From: "Richard Shockey" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Saturday, June 14, 2003 02:47
Subject: US Defense Department formally adopts IPv6
>
> Significant news of note..
>
> Vendors must be comp
Clint writes:
> ... which means that in many jurisdictions it
> would be illegal to call myself an engineer ...
Which ones?
In general, you can call yourself an engineer, a doctor, or even an attorney
legally, as long as you don't qualify the appellation. If you call yourself
a medical doctor,
Haren writes:
> It is factor that contributes to building trust.
Not in the PKI sense. Rather a matter of apples and oranges, in my view.
John writes:
> This appears to be relatively new.
The policies on shipping certificates with the product or making them
available via MS updates may be recent. The mechanism of handling them in
software has been around for a long time. You can see the certificates in
the Internet options in MSI
Haren writes:
> There was a flaw in IE, although it has been fixed ...
Since it has been fixed, where's the problem?
> How can trust IE, it there is some very serious
> flaws like this one?
There are very serious flaws in just about all software; I have not
encountered any exceptions outside th
John writes:
> Now, if I read this correctly, there is no
> more choice ...
You read incorrectly. Default behavior is not mandatory behavior.
> Conversely, if I'm part of an enterprise that
> issues its own certs for internal purposes, it
> doesn't look as if I can make those certs usable
> in
Haren writes:
> Some CA has sold their private key to get out
> of bankruptcy.
Which one?
Haren writes:
> I can not simply, they could be fake, and there
> is no establishment of trust, especially if the
> keystore component is written by Microsoft.
Why are keystore components written by Microsoft peculiarly unworthy of
trust?
Dean writes:
> Which is still practically nothing, compared to the
> bandwidth consumed by http (gifs and jpegs), IM (and
> its picture sharing), (legal) movie and MP3
> downloads, and other stuff.
I know, which is why I specified e-mail bandwidth specifically. One cannot
say that spam is actual
Eric writes:
> This sounds quite dangerous a way of thinking to me.
Nothing particularly dangerous about it. Adults seem to readily forget that
they were completely uninterested in sex prior to puberty; things sexual
(including pornography) were nothing more than curiosities that rapidly
became
Paul writes:
> 1. does the ietf as a community generally believe
>that provable mutual consent between a sender and
>recipient is an achievable (technically) and
>desireable (by the global user base) goal?
It's certainly achievable technically, since other protocols already do it.
I d
Paul writes:
> i want the digital equivilent of a peephole
> in my front door so i can ignore the doorbell
> if i don't like what i see.
One of the big problems of spam is that it takes up more than half the total
bandwidth used by e-mail. If you want a peephole, then all spam must still
be deli
Paul writes:
> if you build a world wide communications
> system to make communications easier, It
> Will Be Used. by the full spectrum of humanity.
Then logically, the only way to exclude any part of that spectrum is to make
a communications system harder to use. I'm not sure that making thing
Marc writes:
> Spam can only be fought through a worldwide
> police and justice system.
If so, that does not bode well for the future. As far as I can remember,
_nothing_ has been successfully fought worldwide, except perhaps smallpox.
> This cannot by achieved by an RFC. Send this
> problem to
Phillip writes:
> IANAL but I don't take the fact that habeas was founded
> by a lawyer to indicate that their idea of copyright law
> is necessarily enforceable.
Agreed. Probably 95% of all corporations are founded by lawyers. That
doesn't mean that they'll always win in court, or even that th
Dave writes:
> How do they fail to provide 'globally verifiable
> authenticated mail?"
Neither is universally supported.
Valdis writes:
> ... the biggest question is which spammer (if any)
> is willing to risk the lawsuit to find out.
There might be quite a few. It might be easy to have Habeas' claims
invalidated, and it would be worthwhile to spammers to get that out of the
way. Additionally, some organizations
Richard writes:
> i might add that the CEO of Habeas, Anne Mitchell,
> is an actual lawyer.
So? Is she the _only_ lawyer??
There are probably any number of lawyers who would enjoy eating Habeas for
breakfast.
> i am not familiar with Anthony's credentials in the
> field of law. casually throwi
> I hereby request the list management to remove
> Anthony's email address from the subscriber list,
> so as to not expose the IETF to liability.
Too late ... my incredibly valuable service mark has already been
distributed to the list many times in the headers of my messages. Clearly
this dilute
Dan writes:
> Regarding a "passport" mechanism, have you
> taken a look at www.habeas.com?
Habeas represents one of the most egregious perversions of trademark and
copyright law that I've ever encountered. Their copyright and trademark
claims are invalid prima facie, and they hope to get their w
Haren writes:
> My question is how can you trust the CA?
You can't, or at least I cannot really imagine any CA that _everyone in the
world_ would be willing to trust. This alone pretty much invalidates the
idea of using signatures as a way to reduce spam, unless you only wish to
reduce spam in c
I'm not sure that I understand what you are asking.
- Original Message -
From: "Haren Visavadia" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Thursday, June 05, 2003 19:13
Subject: RE: authenticated email
> > the CA guarantees that the identification informatio
Haren writes:
> If SMTP server uses certification authentication
> to trace all messages easily. And each mail adds
> the SMTP's server's public key and then is
> signed by the SMTP on the message, so when you
> receive it you know if the signature does not verify
> it has been tampered.
This is
> Verisign's declaimer which is part of the CPS.
> This would the CA simply endorses the subscriber's
> information. How can you trust a CA with a
> disclaimer like this?
You can't.
Furthermore, Verisign already compromised its trust model in the worst way
some time ago when it let a complete str
Einar writes:
> Wow! What a mighty leap of faith!
That's why they call it trust.
> Stephen's CERT proves that the sender is a person
> who got a CERT from some CERT provider and has a
> contract with that provider, but has no contract
> with Anthony ...
No. In cryptographic authentication, si
Franck writes:
> Someone unknown to me send me an e-mail. I do not
> receive this e-mail yet but an automatic reply ask
> the person to perform a task to authenticate itself...
> Like replying to a specific address after reading
> the message (something like a simple Turing test to
> prove the per
Stephen writes:
> Does my signature on this message make you trust
> it more than, say, the ten ads you got this morning
> for Viagra?
Yes.
> Why or why not?
It proves who you are, which means that you expose yourself to a certain
extent in the event that you do anything inappropriate with your
Michel writes:
> In Enterprise networks using GroupWise or Notes
> or Exchange, a good 80% to 100% of the clients are
> using the client software that pairs with the
> server software. So there is a GroupWise client,
> a Notes client and there used to be an Exchange
> client but now everyone uses
Terry writes:
> In contrast, I suspect that most enterprises use either
> Exchange/MAPI or an IMAP-based solution ...
Both solutions are extremely well suited to intracompany or
intraorganizational e-mail systems in relatively homogenous user
environments. I'd always recommend Microsoft Exchange
Alexandru asks:
> So the level of trust depends on the number of signatures?
No, it depends on who signed the key. If you trust the people who signed
the key, then by extension, you can trust the key (because presumably
trustworthy individuals would not sign a key if they were not certain that
t
Alexandru writes:
> Can't I just create a public key with the Harald's
> name and email address and then post to this list
> claiming I'm Harald?
Sure, but that wouldn't do much good, because of the way PGP's key
infrastructure works.
See, with PGP, you NEVER trust a key just because it claims t
Harald writes:
> Since then, you have contributed approximately 40
> more messages to the list, or around 8 messages per
> day, contributing more than a sixth of the
> total list traffic in that interval.
So?
Try this: Count all the personal attacks and irrelevant posts on this list
in the last
Iljitsch writes:
> The trouble is that on the internet, you can go
> from house to house and try to break locks and
> nobody will stop you. In the real world, you
> wouldn't be able to do that for very long.
Sure you could. But locks break so easily in the real world that most
crooks don't have
> The delete key is a workaround, not a solution.
No, it is a solution. I believe I've already explained how unreasonable it
is to expect the entire world to censor itself to match your preferences.
It's much more practical to simply ignore or delete what you don't want to
see. Additionally, the
You always have the delete key.
- Original Message -
From: "Eliot Lear" <[EMAIL PROTECTED]>
To: "Stephen Kent" <[EMAIL PROTECTED]>
Cc: "Einar Stefferud" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, June 03, 2003 03:24
Subject: Mailing list or bust (was Spam, nasty exchanges, an
Tony writes:
> Are there other reasons for having authenticated,
> time-stamped email? I am sure there are many, but
> the first I would like to see is the end to the
> designation that a fax is acceptable legal evidence,
> while email is not.
Assuming this statement is true (and it seems to be),
Valdis writes:
> Solipsism has no place in protocol design.
Not solipsism. Just a reluctance to believe that you are an official--or
even an unofficial--spokesperson for LSoft.
> Granted, but since *your* claim is that most people
> don't do any mailing lists, or very few, I'm not
> willing to
Valdis writes:
> The guys at LSoft Inc feel otherwise...
The guys at LSoft Inc are welcome to express themselves directly here.
> That's *only* for LSoft's Listserv product, and
> does *NOT* include all the intranet installs of
> Listserv.
Two points: (1) you don't seem to be counting people su
Eric writes:
> Should this list be open to ANYbody (any curious/
> interested netizen), or limited to proven... well...
> specialists? experts?
Maybe we should limit list participation to people who can refrain from
writing entire posts that are nothing more than thinly veiled personal
attacks ag
Eric writes:
> If worms are going to be sending out stuff on behalf
> of the user (whether that be copies of itself, or spam
> as in this case), then no amount of identity information
> will be able to prevent it.
In that case, all discussions here of such protocols are moot, since the
very first
Eric writes:
> For example, Hotmail and AOL exchange mail directly
> already, and they could use SMTPng for these exchanges
> and immediately start to take advantage of the available
> features, regardless of what they use to talk to the rest
> of the world.
True ... but unless they are already s
Tim writes:
> Trouble is even after kill-filing the trolls the
> good folk still rise to the bait ...
Perhaps the "good folk" tolerate differences of opinion and are willing to
debate them, whereas others consider all disagreement as "trolling."
Peter writes:
> Anthony, please don't take this the wrong way ...
What's the best way to take personal attacks, in your opinion? And what is
your purpose in making them, given that they do not contribute to the
discussion?
Peter writes:
> Most Usenet groups would probably turn up an
> example or two ...
As I've indicated, a great many Internet users never post to USENET and do
not participate in mailing lists.
The online archiving of mailing lists is a bad idea, IMO, independently of
the copyright issues it raises
Paul writes:
> the whole installed base is in incredible pain
> right now ...
Oooh ... let's not jump off the deep end here. Spam is a nuisance for most
Internet users, not an "incredible pain." It's very important to
distinguish between something that does real damage and something that
merely
David writes:
> Guessing and trying?
That would require tens of thousands or even millions of bounces for every
successful mailing attempt. I don't think anyone is doing it that way.
> Online directory provided by her email provider?
Which e-mail providers are providing online directories? An
I think it is totally impractical to talk about moving 100 million users to
anything. These are not the pioneer days of computing; there are hundreds
of millions of people using computers today, and you aren't going to move
them all to anything. It's rather like suggesting that North American
swi
Valdis writes:
> That's one *TALL* order for a useful e-mail address.
Not really. A great many people never use e-mail for anything except
exchanging messages with friends and relatives.
> That means that you can't join a mailing list for
> (say) cancer survivors, or for people with persian
> c
Terry writes:
> At least one of them is a combination of letters
> and numbers that I would have expected to
> resist most dictionary spam attacks.
To whom have you sent e-mail from that address?
If they didn't use a dictionary attack, and they didn't harvest the address,
how did they get it?
Eric writes:
> Have you never created e-mail addresses without
> ever making them public, and nevertheless note
> that you get SPAM anyway?
Not that I can recall.
> I did. I created more than one e-mail address
> without ever making them public, and though I
> note some of them receive SPAM!
We
Valdis writes:
> I'm glad that you have such a high-speed connection
> that you can connect, download hundreds of messages,
> and filter/delete them all in a minute or two.
I have a broadband connection, and my perpetually-open Outlook Express
client checks my e-mail every sixty seconds. So I ju
Terry writes:
> True enough... but "You obviously have no experience..."
> is *real* close to "I think you're stupid".
I did not suggest otherwise.
Tony writes:
> 100M users * 1/30hr = 3.3M hours ; and that
> happens every day.
Each day contains 100M x 24 = 2400 M hours. 3.3 M hours is thus 1/8 of 1
percent.
> I have to adjust my filters at least once a month
> to keep the volume down.
I just delete most of it by hand. It's easy enough
> I haven't repeatedly (or at all) defamed anyone.
While I don't recall reading the original posts, you've backquoted text you
wrote yourself in which you cast aspersions upon others, which is
defamation. Speculating that someone lacks experience or that what he has
written is "nonsense" falls in
Now post the same numbers for the past year, and perhaps some even more
interesting conclusions can be drawn.
- Original Message -
From: "Rob Austein" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, May 30, 2003 20:47
Subject: Last 7 days on the IETF list
> Traffic statistics (
Tony writes:
> And that would be because they can't do it in
> isolation.
AOL, to cite one example, does a lot of things in isolation. They don't
seem to care if the rest of the Internet goes along, nor do they wait for
any system-wide standards to be put in place before they act unilaterally.
S
Paul writes:
> The benefits of IMAP are obvious to everyone who has
> looked at it in any depth, and yet it is very thinly
> deployed. The main reason: the perceived additional
> administrative overhead.
A more significant reason, perhaps: IMAP is a solution looking for a
problem, in most cases.
Delete keys are very handy as a traffic-control device.
- Original Message -
From: "Schliesser, Benson" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, May 30, 2003 19:07
Subject: RE: The utilitiy of [EMAIL PROTECTED] is at stake here
> This is an important topic. However, it's
Eric writes:
> First, I sent my mail to the list to make public
> apologies for the public insult made to John on
> this list.
But you claim that Dean was the author of an insult. How can you apologize
for him? Are you his legal guardian?
> Second, the objective of this mail was not to discred
Dave writes:
> But spammers DO sometimes subscribe to mailing lists,
> for the purpose of harvesting addresses.
So? That wouldn't give them the secret strings. The only secret string a
mailing list subscription would provide would be the secret string to send
to the list (if any).
I can't say that I'd favor any solution that requires everyone to pay money
or obtain the approval of some third party before sending e-mail. Any
system that imposes a universal financial burden on all Internet users
and/or effectively allows a third party to censor communication between two
other
The problem is that it does nothing to address rogue spammers who refuse to
respect the opt-out list.
- Original Message -
From: "TABAKIS, ELEAS (AIT)" <[EMAIL PROTECTED]>
To: "'IETF Discussion'" <[EMAIL PROTECTED]>
Sent: Friday, May 30, 2003 02:31
Subject: RE: The utilitiy of IP is at sta
> John,
If you are speaking only to John, why do you send your message to an entire
list?
> Since I don't think Dean "Troll" Anderson will do
> it, I would like to apologize, in the name of every
> honest and decent contributor to this list, for the
> insults made against someone that was so deep
> Guys,
Girls aren't included?
> Dean Anderson obviously supports and defends SPAM.
> No further conversation with him could lead to anything
> constructive. Stop feeding the Troll, now.
I tend to find calls to censorship and lynchings suspicious. If you don't
like someone's posts, you don't ha
Your analogies are flawed. Spam is easy to delete, but bullets are
exceedingly hard to dodge (outside the Matrix), and cigarettes are smoked
voluntarily by the people in whom they produce cancer.
- Original Message -
From: "Tomson Eric (Yahoo.fr)" <[EMAIL PROTECTED]&g
Clint writes:
> One problem with attaching the "secret" string
> to an email address is how that is done at the
> sender's side. I can see email clients automating
> the process, which is fine, until a virus comes
> along and starts popping off random emails.
Viruses are a separate problem from
Eliot writes:
> From the Internet Worm to Code Red, consumers do
> install software when they perceive either a
> threat or a benefit.
What percentage of users, even today, have installed fixes for either of
these problems?
> What I've found so amusing is that people seem
> to upgrade their Micr
e-mail with or
without spam.
- Original Message -
From: "Michael Thomas" <[EMAIL PROTECTED]>
To: "Anthony Atkielski" <[EMAIL PROTECTED]>
Cc: "IETF Discussion" <[EMAIL PROTECTED]>
Sent: Thursday, May 29, 2003 22:56
Subject: Re: spa
Dean writes:
> I expect that Type 1 spammers will comply. Some already are.
Of course they will. The whole idea of Type 1 spammers is to provide a way
for you to contact them, anyway, so they have little incentive to hide.
John writes:
> In the US, ISPs are not, and never have been
> viewed, as common carriers.
I recall a case involving CompuServe in which it was treated at least
partially as a common carrier, not responsible for the content of its
network.
>(1) Treatment of publisher or speaker
>No pr
Noel writes:
> It *better* be solvable, otherwise when email
> becomes 99% spam, everyone will stop reading email.
I wouldn't worry about that. When everyone stops reading e-mail, spam will
disappear again. Remember, spammers only send out spam because people reply
to it. If nobody replies, th
Doug writes:
> Do we have to solve *the* spam problem?
I'm beginning to think that it cannot be solved--not technically, and not
legally. One man's spam is another man's legitimate e-mail. It's like
censorship.
> The hard problem is how to allow people to be
> generally accessible by email, bu
Valdis writes:
> You're welcome to extend your proposal to handle
> bootstrapping communications between people who
> haven't before ...
There isn't any way to automate this without opening the door to spammers.
> ... if the whole intent of the "secret number"
> is so I can ignore email without
David writes:
> One model exists in the postal service operated
> 'by' each country.
Have you really thought through how much this would cost in the Internet
world? It would be a staggering burden, just as it already is for postal
mail.
A large part of what you pay in postage for a letter simpl
Tony writes:
> Not if it simultaneously wants protection from
> liability for any content that the customer might
> be sending.
Now that I can fully agree with, although it's not an engineering issue.
ISPs that simultaneously want common-carrier protection from liability AND
the ability to finel
Dave writes:
> The question is what the IETF can or should do
> about bad ISP customer policies, when those policies
> do not cause operations problems for the rest
> of the Internet?
Nothing. While I'm strongly opposed to such restrictive policies at ISPs, I
don't see how they have anything to
Tony writes:
> Which is precisely the goal. It is not so extreme
> as to make routine mail unusable, but extreme enough
> to make random bulk mail not worth the cost.
Point taken, although I think conventional encryption would probably a
better choice for this purpose.
I think, though, that a mo
David writes:
> In the USA today, it costs $.37 to send a physical
> mail. I don't think it unreasonable for someone
> sending me mail to pay a similar fee ...
You can pay me via PayPal. Looking at my inbox, you owe me $1.48 already.
> ... conversely for me to pay such a fee for each
> of my po
Tony writes:
> Rather than passing a token, require the mail to
> be encrypted with the public key of the recipient.
Public-key encryption of an entire e-mail is extremely processor-intensive.
Even conventional encryption is very time-consuming. You can just hash it
and sign the key.
However, t
Andy writes:
> Look, you've solved the spam problem too!
That's exactly how I deal with it personally, but not everyone finds this an
acceptable solution, so it would be nice to help them look at other options.
Tim writes:
> Can the discussion now retire to the IRTF
> anti-spam list?
Does your computer have a Delete key?
Jim writes:
> Add Earthlink to the list.
Thus far I've had no trouble sending e-mail to Earthlink.
> If a phone company acted like some of these
> ISP, we would have situtations like Verizon
> blocking all incoming calls from phones in Ohio.
Don't give them any ideas.
In the future, it may bec
Eric writes:
> Your response to this point was, and I quote
> here: "Don't get email on measured rate services,
> then." which is a limp way of saying that spam
> costs people with these links too much money for
> them to use email.
The ability to receive e-mail is not a Constitutional right. So
Tony writes:
> I get:
> [<02>] The reason of the delivery failure was:
>
> 550-The IP address you are using to connect to AOL is a dynamic
> (residential) 550-IP address. AOL will not accept future e-mail
> transactions from your 550-IP address until your ISP removes your IP
> from its list of dy
Tony writes:
> In a major example of false positives, we already
> have examples of one real cost of spam. AOL (as one
> example of many) has declared ranges of IP addresses
> marked 'residential' as invalid for running a particular
> application.
AOL bounces all of my e-mail, but they are unable
Atul writes:
> In short, this should belong in some general purpose
> Internet Security Forum discussions.
Spam is not a security issue, just a nuisance.
Russ writes:
> If you, like another poster in this thread, are
> currently only receiving 5-10 spams a day, congratulations,
> you don't have to care yet.
I receive about 300 a day, and that number is increasing very rapidly.
Paul writes:
> ... the problem isn't deterring spammers or even
> preventing abuse, but rather designing a new
> interpersonal batch communications system (ibcs?)
> which allows a receiving party to accept or reject
> inbound traffic with some kind of confidence in
> the identity of the sender, th
1 - 100 of 192 matches
Mail list logo
