FYI - US Government requesting information on E-Mail Authentication

Richard Shockey <> Wed, 22 September 2004 14:54 UTC

Received: from ( []) by (8.9.1a/8.9.1a) with ESMTP id KAA14395; Wed, 22 Sep 2004 10:54:32 -0400 (EDT)
Received: from ([]) by with esmtp (Exim 4.33) id 1CA8cW-0000MN-7N; Wed, 22 Sep 2004 11:01:24 -0400
Received: from localhost.localdomain ([] by with esmtp (Exim 4.32) id 1CA8Ka-0007Ts-Ut; Wed, 22 Sep 2004 10:42:52 -0400
Received: from ([] by with esmtp (Exim 4.32) id 1CA8F2-0005LX-BR for; Wed, 22 Sep 2004 10:37:08 -0400
Received: from ( []) by (8.9.1a/8.9.1a) with ESMTP id KAA12690 for <>; Wed, 22 Sep 2004 10:37:05 -0400 (EDT)
Received: from ([] by with esmtp (Exim 4.33) id 1CA8LT-0008Pn-1c for; Wed, 22 Sep 2004 10:43:57 -0400
Received: from ( []) by (8.11.6/8.11.6) with ESMTP id i8MEaPq17072; Wed, 22 Sep 2004 07:36:25 -0700
Message-Id: <>
X-Mailer: QUALCOMM Windows Eudora Version
Date: Wed, 22 Sep 2004 10:36:11 -0400
From: Richard Shockey <>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
X-Spam-Score: 0.8 (/)
X-Scan-Signature: 825e642946eda55cd9bc654a36dab8c2
Subject: FYI - US Government requesting information on E-Mail Authentication
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-Spam-Score: 0.8 (/)
X-Scan-Signature: 5d7a7e767f20255fce80fa0b77fb2433

For Release: September 15, 2004

FTC, NIST to Host E-mail Authentication Summit

Adoption of Technology Could Help Thwart Spam

The Federal Trade Commission and National Institute of
Standards and Technology (NIST) will co-host a two-day
"summit" November 9-10 to explore the development and
deployment of technology that could reduce spam. The
E-mail Authentication Summit will focus on challenges
in the development, testing, evaluation, and
deployment of domain-level authentication systems.

A Federal Register Notice to be published today notes
that the FTC's National Do Not
E-mail Registry Report to Congress stated that
"significant security, enforcement, practical and
technical challenges rendered a registry an
ineffective solution to the spam problem." The report
identified domain-level authentication as a promising
technology that would enable Internet Service
Providers (ISPs) and others to better filter spam, and
would provide law enforcers a tool to locate and
identify spammers.

The Notice states that the Simple Mail Transfer
Protocol (SMTP) currently in use for
e-mail allows spammers to use techniques like
"spoofing," open relays, open proxies, and "zombie
drones" to remain anonymous, evade spam filters, and
elude law enforcers. "To remove this cloak of
anonymity, ISPs and others involved with the e-mail
system have proposed domain-level authentication
systems that would enable a receiving mail server to
verify that an e-mail message actually came from the
sender's purported domain," the notice says.

The FTC is seeking public comment on:

     * Whether any of the proposed authentication
standards (either alone or in conjunction with other
existing technologies) would result in a significant
decrease in the amount of spam received by consumers;

     * Whether ISPs that do not participate in an
authentication regime would face any challenges
providing e-mail services. If so, what types of
challenges these ISPs would face and whether these
challenges would in any way prevent them from
continuing to be able to provide e-mail services;

     * Whether an Internet-wide authentication system
could be adopted within a reasonable amount of time.
Description of industry and standard-setting efforts,
whether there is an implementation schedule in place
and, if so, the time frames of the implementation

and 27 other questions listed in the Federal Register
Notice that will be discussed or addressed at the

Parties who wish to participate in the Summit must
send a statement to the FTC and NIST setting forth
their expertise in, or knowledge of, the issues by
September 30, 2004. The FTC and NIST will select
participants who submitted timely responses that
demonstrate expertise in or knowledge of the issues,
and whose participation would promote the
representation of a balance of interests at the

The Commission vote to publish the Federal Register
Notice was 4-0-1 with Commissioner Jon Leibowitz not

Written comments should be identified as "E-mail
Authentication Summit-Comments," and written requests
to participate in the E-mail Authentication Summit
should be identified as "E-mail Authentication
Summit-Request to Participate." Written comments and
requests to participate should be submitted to:
Secretary, Federal Trade Commission, Room 159-H (Annex
V), 600 Pennsylvania Ave., N.W., Washington, DC 20580.
If submitting in paper form, parties must submit an
original and three copies of each document. The FTC
requests that any comment filed in paper form be sent
by courier or overnight service, since U.S. postal
mail in the Washington area and at the Commission is
subject to delay due to heightened security
precautions. In the alternative, parties may e-mail
comments and requests to participate to To ensure that the
Commission considers an electronic comment, you must
file it with the FTC at this e-mail address. For
further requirements concerning the filing of comments
and requests to participate, please consult the
Request for Comments and Requests to Participate
sections of the Federal Register Notice for the E-mail
Authentication Summit (linked to this news release on
the FTC Web site:

Richard Shockey, Senior Manager, Strategic Technology Initiatives
NeuStar Inc.
46000 Center Oak Plaza  -   Sterling, VA  20166
ENUM +87810-13313-31331
PSTN Office +1 571.434.5651 PSTN Mobile: +1 703.593.2683,  Fax: +1 815.333.1237
<mailto:richard(at)> or <mailto:richard.shockey(at)>
<> ; <>

Ietf mailing list