Re: [ietf-smtp] epostage is still a bad idea, the inedible parts of IETF dogfood consumption - SMTP version
Phillip Hallam-Baker <phill@hallambaker.com> Thu, 19 December 2019 22:55 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B6924120048 for <ietf@ietfa.amsl.com>; Thu, 19 Dec 2019 14:55:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.396
X-Spam-Level:
X-Spam-Status: No, score=-1.396 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.249, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ibkbRUB0x7XD for <ietf@ietfa.amsl.com>; Thu, 19 Dec 2019 14:55:18 -0800 (PST)
Received: from mail-ot1-f42.google.com (mail-ot1-f42.google.com [209.85.210.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5585B12001A for <ietf@ietf.org>; Thu, 19 Dec 2019 14:55:18 -0800 (PST)
Received: by mail-ot1-f42.google.com with SMTP id a15so9239286otf.1 for <ietf@ietf.org>; Thu, 19 Dec 2019 14:55:18 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ChQ8bjvhu2m2TgBEnrzQKhhfivLy1P91/vDZHzEsQ6E=; b=BK5ttERQTomcFvhbVU7SOxMQ+9gSFs2kUt5Qvw2aE2HEvmnkBJuqkuX/MEUL0yLSYX Lu8QB7wBzliA20/ApJG4viZLmKbdCQ413MvyNO7UH+/+QGfEqGJa+df/E/jReY8ir3JT Tg7sLezX4a6AmXU9JbQ1JJ1tsdfDGJ/9JIL3VNFyxWOargz4vaZVOP8/hI4+4RQUtD/9 hbuq4jHSzykf73eUZtEnJEltXpP/Ncsum10rIwcngHR+0WZmlBv2sxSz9SWUrwgwvJUp YPQWWdGe55wfU/3OpmD14aFPD+faDYbGYaIS/+rsWyQvcNne/dxJYzCKqnG/qJxGk0S3 ZnPQ==
X-Gm-Message-State: APjAAAUpjWa8TZSGpY9tJw30dQxpKSZVVzVy3ai+Pp31g0sOrhRxgLIC XJzCwaoUq/O5FKOWRbkFeWxAYGFaoS/1aPf+Nqg=
X-Google-Smtp-Source: APXvYqz1EtB4cFcjbxqQXc8vfcrgsZ/2OgQInCnoDW1Aqn7rCOyQ3XaxcLPK5n8ByzC9Pb06aT2kwzb9XNwE/r/bK/Y=
X-Received: by 2002:a05:6830:2154:: with SMTP id r20mr11483961otd.66.1576796117560; Thu, 19 Dec 2019 14:55:17 -0800 (PST)
MIME-Version: 1.0
References: <20191218020726.4FA601178860@ary.qy> <aacdb008-a894-d116-d0ee-afb5bfa36477@network-heretics.com> <CAKr6gn0JYfziVEyL1mH-WZxyy7tFct77jafjbh2fVGU4CPysQA@mail.gmail.com> <alpine.OSX.2.21.99999.374.1912180916250.77074@ary.qy> <CAMm+Lwg7brq8jb6JZHVuJiAzM4CoJWBMRDf3Q2dnnOzd5KNA-A@mail.gmail.com> <CABa8R6u_xwDH+40eFjg7-pXgW7W1f_2gfNN5f7mfTkVCkKbNYQ@mail.gmail.com>
In-Reply-To: <CABa8R6u_xwDH+40eFjg7-pXgW7W1f_2gfNN5f7mfTkVCkKbNYQ@mail.gmail.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Thu, 19 Dec 2019 17:55:06 -0500
Message-ID: <CAMm+LwjNswRu735ox1EY9ps1bkyQFB=BBBr_+BFx-hme1gecGA@mail.gmail.com>
Subject: Re: [ietf-smtp] epostage is still a bad idea, the inedible parts of IETF dogfood consumption - SMTP version
To: Brandon Long <blong@google.com>
Cc: John R Levine <johnl@taugh.com>, IETF Discussion Mailing List <ietf@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000078740d059a1674a3"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/r4lfsox3axl04sEXyMYgT8BvnDE>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Dec 2019 22:55:20 -0000
On Thu, Dec 19, 2019 at 3:52 PM Brandon Long <blong@google.com> wrote: > > > On Wed, Dec 18, 2019 at 11:12 AM Phillip Hallam-Baker < > phill@hallambaker.com> wrote: > >> If we knew how to deploy such a radical change as sender pays, we would >> surely also know how to do the much easier task of replacing SMTP with a >> protocol that is secure by default. >> >> * Every message is signed by the sending client. >> * Every message is signed by the originating mail service. >> * Every mail receiving service performs access control on inbound messages >> * Every mail client performs access control on messages >> >> Messaging abuse isn't entirely absent on Facebook, Skype, Signal, etc. >> but it is virtually non-existent compared to telephone and email. We are >> rapidly reaching the point where a large number of customers are going to >> start unplugging from POTS and only use it for voice mail because the level >> of abuse is utterly insane. >> >> Subjecting every message to access control is pretty straightforward when >> you can start with the principle that every message is authenticated by the >> sender. Defining a set of access control rules that work for me is pretty >> straightforward. >> >> 1) I will accept a contact request of 200 characters or less from anyone >> >> 2) I will accept requests from anyone in my contact book that are >> compatible with the authorizations specified there (e.g. Alice can send me >> mail or voice, Bob only voice, Carol can send me code, etc). >> >> 3) I will accept messages from anyone who has attended an IETF meeting or >> is a member of an an affinity group I am a member of (school, university, >> etc. etc.) >> >> 4) Reject everything else >> >> Trying to shoehorn this into the legacy SMTP environment is tough because >> the default is insecure. But there are plenty of closed environments that >> don't use SMTP which could switch to another messaging protocol. >> >> While I was writing this, I was interrupted by the Nest telling me >> something I didn't need to know. There is also a 'secure' messaging center >> on the Nest site and I have the same for each of my banks, brokers, etc. >> Wouldn't it be nice if all of those could send me messages using a protocol >> they know is secure and meets their HIPPA, GDPR, MMQF, etc. requirements? >> > > The challenge with the secure messaging systems is only partially due to > transit concerns, they also want to be in the loop for the ACL to view the > message and control the lifecycle of the message as well. > Oh don't tempt me, I would love to be able to add Micali Fair Contracts to my code...
- Re: IETF Policy on dogfood consumption or avoidan… Valdis Kl=?utf-8?Q?=c4=93?=tnieks
- IETF Policy on dogfood consumption or avoidance -… John C Klensin
- Re: IETF Policy on dogfood consumption or avoidan… Viktor Dukhovni
- Re: IETF Policy on dogfood consumption or avoidan… Randy Bush
- Re: IETF Policy on dogfood consumption or avoidan… John Levine
- Re: IETF Policy on dogfood consumption or avoidan… Viktor Dukhovni
- Re: IETF Policy on dogfood consumption or avoidan… Nick Hilliard
- Re: IETF Policy on dogfood consumption or avoidan… Keith Moore
- Re: IETF Policy on dogfood consumption or avoidan… John C Klensin
- Re: IETF Policy on dogfood consumption or avoidan… Viktor Dukhovni
- Re: IETF Policy on dogfood consumption or avoidan… Salz, Rich
- Re: IETF Policy on dogfood consumption or avoidan… Keith Moore
- Re: IETF Policy on dogfood consumption or avoidan… Valdis Kl=?utf-8?Q?=c4=93?=tnieks
- Re: IETF Policy on dogfood consumption or avoidan… John R Levine
- Re: IETF Policy on dogfood consumption or avoidan… Randy Bush
- Re: IETF Policy on dogfood consumption or avoidan… John C Klensin
- Re: IETF Policy on dogfood consumption or avoidan… Keith Moore
- Re: IETF Policy on dogfood consumption or avoidan… Nick Hilliard
- Re: IETF Policy on dogfood consumption or avoidan… S Moonesamy
- Re: IETF Policy on dogfood consumption or avoidan… Glen
- Re: IETF Policy on dogfood consumption or avoidan… Nick Hilliard
- Re: IETF Policy on dogfood consumption or avoidan… Phillip Hallam-Baker
- Re: IETF Policy on dogfood consumption or avoidan… Glen
- Re: IETF Policy on dogfood consumption or avoidan… Viktor Dukhovni
- Re: IETF Policy on dogfood consumption or avoidan… Andrew G. Malis
- Re: IETF Policy on dogfood consumption or avoidan… John C Klensin
- Re: IETF Policy on dogfood consumption or avoidan… Andrew G. Malis
- Re: IETF Policy on dogfood consumption or avoidan… Randy Bush
- Re: IETF Policy on dogfood consumption or avoidan… Jay Daley
- Re: IETF Policy on dogfood consumption or avoidan… Andrew G. Malis
- Re: IETF Policy on dogfood consumption or avoidan… Jay Daley
- Re: IETF Policy on dogfood consumption or avoidan… Rob Sayre
- Re: IETF Policy on dogfood consumption or avoidan… John C Klensin
- Re: IETF Policy on dogfood consumption or avoidan… Salz, Rich
- Re: IETF Policy on dogfood consumption or avoidan… Alissa Cooper
- Re: IETF Policy on dogfood consumption or avoidan… Jay Daley
- Re: IETF Policy on dogfood consumption or avoidan… Hector Santos
- Re: IETF Policy on dogfood consumption or avoidan… Viktor Dukhovni
- Re: IETF Policy on dogfood consumption or avoidan… Brian E Carpenter
- Re: [ietf-smtp] IETF Policy on dogfood consumptio… Hector Santos
- Re: [ietf-smtp] IETF Policy on dogfood consumptio… Salz, Rich
- Re: [ietf-smtp] IETF Policy on dogfood consumptio… Keith Moore
- Re: [ietf-smtp] the inedible parts of IETF dogfoo… John Levine
- Re: [ietf-smtp] the inedible parts of IETF dogfoo… Keith Moore
- Re: [ietf-smtp] the inedible parts of IETF dogfoo… George Michaelson
- Re: [ietf-smtp] IETF Policy on dogfood consumptio… Randy Bush
- Re: [ietf-smtp] IETF Policy on dogfood consumptio… Hector Santos
- Re: [ietf-smtp] IETF Policy on dogfood consumptio… Hector Santos
- Re: IETF Policy on dogfood consumption or avoidan… John C Klensin
- Re: IETF Policy on dogfood consumption or avoidan… Eliot Lear
- Re: IETF Policy on dogfood consumption or avoidan… Alissa Cooper
- Re: [ietf-smtp] epostage is still a bad idea, the… John R Levine
- Re: [ietf-smtp] IETF Policy on dogfood consumptio… Salz, Rich
- Re: [ietf-smtp] epostage is still a bad idea, the… Phillip Hallam-Baker
- Re: IETF Policy on dogfood consumption or avoidan… Keith Moore
- Re: IETF Policy on dogfood consumption or avoidan… Hector Santos
- Re: IETF Policy on dogfood consumption or avoidan… John C Klensin
- Re: IETF Policy on dogfood consumption or avoidan… Eliot Lear
- Re: IETF Policy on dogfood consumption or avoidan… Alessandro Vesely
- Re: IETF Policy on dogfood consumption or avoidan… Viktor Dukhovni
- Re: IETF Policy on dogfood consumption or avoidan… Eliot Lear
- Re: IETF Policy on dogfood consumption or avoidan… Hector Santos
- Re: [ietf-smtp] epostage is still a bad idea, the… Brandon Long
- Re: [ietf-smtp] epostage is still a bad idea, the… Phillip Hallam-Baker
- Re: IETF Policy on dogfood consumption or avoidan… Valdis Kl=?utf-8?Q?=c4=93?=tnieks
- Re: IETF Policy on dogfood consumption or avoidan… Hector Santos
- The dogfood discussion (was: Re: IETF Policy on d… John C Klensin
- Re: The dogfood discussion (was: Re: IETF Policy … Viktor Dukhovni
- Re: The dogfood discussion (was: Re: IETF Policy … Eliot Lear (elear)