RE: [Asrg] C/R Interworking Framework
"Eric Dean" <eric@purespeed.com> Tue, 27 May 2003 14:18 UTC
Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA13789 for <asrg-archive@odin.ietf.org>; Tue, 27 May 2003 10:18:42 -0400 (EDT)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h4REIE623062 for asrg-archive@odin.ietf.org; Tue, 27 May 2003 10:18:14 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h4REIEB23059 for <asrg-web-archive@optimus.ietf.org>; Tue, 27 May 2003 10:18:14 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA13771; Tue, 27 May 2003 10:18:11 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19KfFm-0004ct-00; Tue, 27 May 2003 10:16:38 -0400
Received: from ietf.org ([132.151.1.19] helo=www1.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19KfFm-0004cq-00; Tue, 27 May 2003 10:16:38 -0400
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h4REGQB22937; Tue, 27 May 2003 10:16:26 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h4REF8B22761 for <asrg@optimus.ietf.org>; Tue, 27 May 2003 10:15:08 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA13514 for <asrg@ietf.org>; Tue, 27 May 2003 10:15:05 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19KfCm-0004a9-00 for asrg@ietf.org; Tue, 27 May 2003 10:13:32 -0400
Received: from ns2.tidalwave.net ([66.77.68.8] helo=mailgate.purespeed.com) by ietf-mx with esmtp (Exim 4.12) id 19KfCl-0004Zh-00 for asrg@ietf.org; Tue, 27 May 2003 10:13:31 -0400
Received: from purespeed.com (mail.purespeed.com [66.77.69.8]) by mailgate.purespeed.com (Postfix Relay Hub) with ESMTP id 4B31F13AA2; Tue, 27 May 2003 10:17:45 -0400 (EDT)
Received: from HOMEY [68.100.19.195] by purespeed.com (SMTPD32-7.13) id A2A74F07008C; Tue, 27 May 2003 10:13:59 -0400
From: Eric Dean <eric@purespeed.com>
To: Yakov Shafranovich <research@solidmatrix.com>, asrg@ietf.org
Subject: RE: [Asrg] C/R Interworking Framework
Message-ID: <MBEKIIAKLDHKMLNFJODBIEDFFFAA.eric@purespeed.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
In-Reply-To: <5.2.0.9.2.20030525004309.00bc9e60@solidmatrix.com>
Content-Transfer-Encoding: 7bit
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Tue, 27 May 2003 10:16:40 -0400
Content-Transfer-Encoding: 7bit
Content-Transfer-Encoding: 7bit
> >This document identifies MIME experimental content-type values for > allowing automated C/R system interworking. > >[..] > > Aren't we using headers? Headers seems to be an ambiguous term to me..maybe it's much clearer to others. I am not proposing the modification of SMTP to introduce new headers. The use of experimental MIME content values is just fine and ensures comptibility with non-CRI systems as the are simply ignored..or removed in some cases. > > Is there room in the specifications for the following: There's room for anything that makes sense..and I like the term specification better than proposed standard or draft since we are a research group. > 1. Tag or certification systems which will send their seal or certificate > as a response. So..if there is a third party CA...then we could validate the server. Then there are more headers introduced here..and it sounds as if you are moving towards authenticated mail servers. Not a bad idea..but don't believe it has a place within CRI. That's not to say that they couldn't be compatible or run as ships in the night as an overlay security model..but don't think they have a home in something as limited as CRI. I would recommend that you write up your own thoughts on such a model using certificates. > 2. Economic systems which will use the cryptographics or some > other methods > like hashcash to add costs to email. Again, I see no conflict..but anyone can use any experimental MIME values. I would also recommend that you write up your ideas here. > > What will stop a spammer from putting X-CM headers into the message Well a spammer would have to engage in a 3-way handshake process using valid domains, MX records, and sender address. While some will in fact commit such crimes, others may be detered. Placing the headers in a message merely allows a CRI system to respond. It doesn't create an additional vulnerabilities. > and > what happens in that case - is there message let through or the > C/R system > responds to it, thus validating the receiver's email? CRI only automates what user's automatically do today. A mail system would have to maintain state of all outgoing email and then automatically respond to CRI messages. Sending unsolicitied CRI messages would have the same effect of sendig an unsolicited TCP socket to a stateful firewall. _______________________________________________ Asrg mailing list Asrg@ietf.org https://www1.ietf.org/mailman/listinfo/asrg
- Re: [Asrg] C/R Interworking Framework John Fenley
- RE: [Asrg] C/R Interworking Framework Eric Dean
- RE: [Asrg] C/R Interworking Framework Yakov Shafranovich
- RE: [Asrg] C/R Interworking Framework Eric Dean
- RE: [Asrg] C/R Interworking Framework Yakov Shafranovich
- RE: [Asrg] C/R Interworking Framework Peter Kay
- Re: [Asrg] C/R Interworking Framework Yakov Shafranovich
- Re: [Asrg] C/R Interworking Framework Vernon Schryver
- RE: [Asrg] C/R Interworking Framework Eric Dean
- Re: [Asrg] C/R Interworking Framework Yakov Shafranovich
- Re: [Asrg] C/R Interworking Framework Vernon Schryver
- RE: [Asrg] C/R Interworking Framework Peter Kay
- Re: [Asrg] C/R Interworking Framework Yakov Shafranovich
- Re: [Asrg] C/R Interworking Framework Vernon Schryver
- Re: [Asrg] C/R Interworking Framework Dave Aronson
- Re: [Asrg] C/R Interworking Framework Yakov Shafranovich
- Re: [Asrg] C/R Interworking Framework Yakov Shafranovich
- Re: [Asrg] C/R Interworking Framework Vernon Schryver
- Re: [Asrg] C/R Interworking Framework Yakov Shafranovich
- Re: [Asrg] C/R Interworking Framework Kee Hinckley
- Re: [Asrg] C/R Interworking Framework Scott Nelson
- RE: [Asrg] C/R Interworking Framework Peter Kay
- RE: [Asrg] C/R Interworking Framework Peter Kay
- RE: [Asrg] C/R Interworking Framework Scott Nelson
- RE: [Asrg] C/R Interworking Framework Peter Kay
- RE: [Asrg] C/R Interworking Framework Yakov Shafranovich
- Re: [Asrg] C/R Interworking Framework Rob Cameron
- RE: [Asrg] C/R Interworking Framework Peter Kay
- Re: [Asrg] C/R Interworking Framework Yakov Shafranovich
- Re: [Asrg] C/R Interworking Framework Art Pollard
- RE: [Asrg] C/R Interworking Framework Peter Kay
- Re: [Asrg] C/R Interworking Framework Yakov Shafranovich
- RE: [Asrg] C/R Interworking Framework Eric D. Williams
- RE: [Asrg] C/R Interworking Framework Yakov Shafranovich
- RE: [Asrg] C/R Interworking Framework Art Pollard
- RE: [Asrg] C/R Interworking Framework Art Pollard
- RE: [Asrg] C/R Interworking Framework Eric D. Williams
- RE: [Asrg] C/R Interworking Framework Yakov Shafranovich