Re: [Asrg] request for review for a non FUSSP proposal

[Claudio Telmon <claudio@telmon.org>]

Alessandro Vesely wrote:

> Your are right, in turn: after reading the "deployment" section, it is
> fairly clear that a transition is not necessary. I'm not sure how well
> point "Voluntary participation" 2.3.9 of Danny's criteria connotes your
> framework as not being an anti-spam technique. I think it may actually
> have more chances when explicitly targeted to guard children, rather
> than generically "non FUSSP".

I considered to use terms like "protected mailboxes", but at the end it
didn't like it, since it describes an expected effect (protection) and
not what is actually done (enabling the framework). Also, while the
"children" case is a clear one, I think that many other classes of users
could benefit from this option. I only used the term FUSSP in the
message to this list :)
Anyway, the "voluntary participation issue" is probably not clearly
stated in the document. If I enable the framework, you're not forced
into enabling the framework, you just won't be able to communicate with
me. The same happens if I enable https on my webserver: you're not
forced into adopting https, you just won't be able to access my content,
you can access the rest of Internet. This doesn't make https a "non
voluntary" protocol.

BTW, there is still a couple of points in my paper on which I would
really like to have a comment from this list. One is the key point that
spam (at least, UBE) respecting the constraints of consent requests,
that is "short text-only messages", would reduce the workload for MTAs
with respect to protected/consent-enabled addresses. This wouldn't be
true e.g. if most filtering is actually made on the envelope.

Also, I suppose that the burden of dealing with the token database on
the MTA is not a big issue for the MTA itself (not for the user), but
you surely know better.

-- 

Claudio Telmon
claudio@telmon.org
http://www.telmon.org