Re: [Asrg] Computer Security Communication Network

"John Levine" <johnl@taugh.com> Sun, 16 December 2012 18:10 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: asrg@ietfa.amsl.com
Delivered-To: asrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 340A221F8715 for <asrg@ietfa.amsl.com>; Sun, 16 Dec 2012 10:10:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -107.927
X-Spam-Level:
X-Spam-Status: No, score=-107.927 tagged_above=-999 required=5 tests=[AWL=1.413, BAYES_20=-0.74, HABEAS_ACCREDITED_SOI=-4.3, RCVD_IN_BSP_TRUSTED=-4.3, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PxJ5gYjREgAU for <asrg@ietfa.amsl.com>; Sun, 16 Dec 2012 10:10:30 -0800 (PST)
Received: from leila.iecc.com (leila6.iecc.com [IPv6:2001:470:1f07:1126:0:4c:6569:6c61]) by ietfa.amsl.com (Postfix) with ESMTP id CA86D21F855B for <asrg@irtf.org>; Sun, 16 Dec 2012 10:10:29 -0800 (PST)
Received: (qmail 12286 invoked from network); 16 Dec 2012 18:10:26 -0000
Received: from leila.iecc.com (64.57.183.34) by mail1.iecc.com with QMQP; 16 Dec 2012 18:10:26 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:vbr-info; s=50ce0e91.xn--hew.k1212; i=johnl@user.iecc.com; bh=XJpFinmSQl180Fc/bdu36Jy93QPDwlwzayWa34AeuC4=; b=ShYl/lqyWxSk0Mbjp7us9qlkJXtjfBYLSr16u1j2T//kEbCEXRJZpGmxNJSKeVqzZXCmqhelsEVnGaxMfUkNqBFh6GEDsU71CD1q1iynLqTgwBjJf2xkN3XQ/zT7EUyhCL9G4mO6ubHGqifZ2Se3/s2XbWYMHj3tsIwHOg7+DHM=
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:vbr-info; s=50ce0e91.xn--hew.k1212; olt=johnl@user.iecc.com; bh=XJpFinmSQl180Fc/bdu36Jy93QPDwlwzayWa34AeuC4=; b=ks79cFv8EpIMA9nmsRh0jvqiLuK3lWz0l3Fg+pTPf9Zon2tRr29X21I/1orQpJ/9Rg33fAHE8kyq9ZArPjIoqFuTT7QvVqLVM+DsWK94Cel/GemEzzZhtPmTsR3YsNgEwbLaLbBA4hLX3xlKCcuhWf8yHNZE+4Ij0ocI0mm2Qpk=
VBR-Info: md=iecc.com; mc=all; mv=dwl.spamhaus.org
Date: 16 Dec 2012 18:10:03 -0000
Message-ID: <20121216181003.46545.qmail@joyce.lan>
From: "John Levine" <johnl@taugh.com>
To: asrg@irtf.org
In-Reply-To: <SNT002-W1162FDBE7C267DEF68DAD46C5330@phx.gbl>
Organization:
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset=utf-8
Content-transfer-encoding: 7bit
Subject: Re: [Asrg] Computer Security Communication Network
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sun, 16 Dec 2012 18:10:31 -0000

> The aforementioned distributed, decentralized computer security
> communication network, a computer system for the dissemination of
> instantaneous computer security information between computer
> scientists is an interesting topic.

Since this assertion is rather dubious, we can skip the rest of the
message for now.

We already have effective ways to distribute material from a central
point, such as CDNs.  We also already have usenet (yes, it still
exists and some parts remain quite healthy.)

The main thing that a distributed network provides is the ability for
anyone to send out material, but as we've seen on usenet, that
instantly falls afoul of Sturgeon's Law.

In the meantime you might take a look at DCC: http://www.rhyolite.com/dcc/

It is not totally open like typical p2p networks, but anyone with
resonably large mail volume and who doesn't smell like a sleazeball
can run a server that exchanges DCC data, and anyone at all can
contribute message hashes.  It's relatively resistant to bad guys
because the main thing you can do to poison it is to report hashes of
single messages as spam, which doesn't help other than for a rather
arcane DoS.