Re: [Asrg] Trust, misunderstood?

Danny,

 Other than providing a means for parties to accepting "trusting" 
senders, this is exactly what I implemented. I assumed that OOB was used 
to validate the trust. I didn't use PGP but felt CA's were the better 
way to go (personal belief).

Chuck Wegrzyn

Danny Angus wrote:

>Hi all,
>
>There's been some talk about trust systems recently, I think I instigated
>some of it, and I feel that a number of comments have been made which kind
>of miss the point about trust. I'd like to outline my take on trust and why
>I believe trust should be considered by this group.
>
>First off trust isn't an absolute. Realistically I can only trust people I
>know, and even then I could misjudge them. To rely on another person's
>judgement is more risky still. It is also all wrong to think of trust as YES
>or NO, there are degrees of trust, some people we'd trust with our lives,
>others with our car keys, yet more with our phone numbers. We don't say YES
>or NO to the phone number guys, we say "I trust you just enough not to abuse
>this information"
>
>Secondly in existing trust mechanisms it is possible, but not widely used,
>for end users to make decisions about whom of trust issuers they will trust,
>and accept the judgement of in assessing an unknown third party.
>
>For example It is possible to score PGP keys according to who I trust and
>why, my immediate circle get full marks, those known to them will be assumed
>to have a high degree of trust worthiness, and so on. When I encouter a
>third party I can make a judgement according to how many of the people I
>trust, and how much I trust them, have signed the certificate.
>
>Likewise revocation could have a detrimental affect if a close associate of
>mine has revoked their trust, less effect if I don't trust the revoker.
>
>SSL certificates can be revoked if client software actually bothers to check
>revokation lists.
>
>Now Email:
>
>Forming a judgement about whether or not to trust, and to what extent, an
>unknown sending MTA is about much more than checking a certificate.
>Of course a signed certificate, signed by someone I trust, can influence my
>decision, like wise I can consider RBL's and other blacklists, reverse DNS
>etc, etc. I could attempt to relay mail through a suspect host myself if I'm
>suspicious.
>
>So what I propose for the basis of a trust system would be for a mechanism
>by which SMTP can temporarily block a transaction in order for the recipient
>to carry out checks and create a trust score for the sending MTA.
>
>If this mechanism provides for the optional exchange of certificates these
>can be included in the calculation.
>
>My Trust system would allow mail admins to set rules and thresholds for
>trust, allowing admins to raise and lower the barrier of trust which could
>be crossed *automatically* by well behaved hosts. Other hosts could be
>rejected out of hand or sin-binned until a more thourough check is carried
>out.
>
>I could offer my scores to my friends. Who, if they trust my judgement,
>could use this to help in making their judgement.
>
>The commercial madness which is the "installed root CA certificates" of the
>browsers is idiotic, I have no reason at all to trust verisign or thawte who
>are those guys?!? But if my (they are respectable!) ISP had signed a
>certificate, or offered me their tust rating for a host I'd be much more
>likely to trust that host a bit.
>
>Unfortunately I'm  going away for a week so I won't be able to respond to
>anyones comments (or flames!) 'till I get back.
>
>d.
>
>
>_______________________________________________
>Asrg mailing list
>Asrg@ietf.org
>https://www1.ietf.org/mailman/listinfo/asrg
>
>  
>

_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg