Re: Trying to do too much (was Re: the introduction problem, etc.)
Phillip Hallam-Baker <phill@hallambaker.com> Thu, 19 May 2022 02:50 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4D464C1D5ADE for <ietf@ietfa.amsl.com>; Wed, 18 May 2022 19:50:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.403
X-Spam-Level:
X-Spam-Status: No, score=-1.403 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.248, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.248, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id j8zlWijECmSf for <ietf@ietfa.amsl.com>; Wed, 18 May 2022 19:50:46 -0700 (PDT)
Received: from mail-yb1-f170.google.com (mail-yb1-f170.google.com [209.85.219.170]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8D20DC1D5ADC for <ietf@ietf.org>; Wed, 18 May 2022 19:50:46 -0700 (PDT)
Received: by mail-yb1-f170.google.com with SMTP id q135so6752368ybg.10 for <ietf@ietf.org>; Wed, 18 May 2022 19:50:46 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=hYp305L/l77bCNRgdOPPK6Y/Lx3ujUi6v2YsEqETz44=; b=6tLvoWXJEY0DrdyNgVckAxkq4Soa6BFBNp29feBvajXuZTVCGSTuh5Q72GHD4jI9k0 urzTcvaziFVNL9ygf/vNxH00OKpGtFaKA9Ov/yBUhryMiZlrK0CE84yKqC97ncjGHs8R fi6XyGTxaO/9as9dYZs5sVJIPk1JyPxbS8OaKZh/2SKKz5ma5WY2byYNfhhJ82W6R1VN fL1TfJ2juEwVpe7qVm8n423BE+Sr25gyBabpJ9byLOzYIb/3o6AUr7v/VtukPzbrdDE1 pXFwgd1OkX8S8JYKdNqejtrwGPrFX50IFgIXKUtP3OecftDe8TM30jx5IJT3npdtfPdE dA5Q==
X-Gm-Message-State: AOAM533h6wB5yLrc4QoRoGlgdXer1t3v/k0eUmiTpz/RmWobNIRr5WQb rVRSTSZicYjMHKrkXmwOILFNbPX7A31xfm6FfPdH4Ml1ITE=
X-Google-Smtp-Source: ABdhPJwkna56L275KeZrwFBbtPTpYF3SJFUpiBSMOJXX5fJzgeltMkM6HWgbX633oZHl3RmyB/+Vy9+IWlJk+0e3rzE=
X-Received: by 2002:a05:6902:154f:b0:64f:2bd1:3d39 with SMTP id r15-20020a056902154f00b0064f2bd13d39mr1704308ybu.456.1652928645714; Wed, 18 May 2022 19:50:45 -0700 (PDT)
MIME-Version: 1.0
References: <CAMm+LwhD8wHJ284z91X5XP-8f+9=Dx1Kd50=8-Pd3SX==W6ivw@mail.gmail.com> <20220514171447.23A3840334EA@ary.qy> <CAMm+LwivypwPG_mAc=3w=dY4w9rgvO8+qY=c3Et+Gkitdw8GMA@mail.gmail.com> <3a66b3f8-03c0-d6b4-51fc-df093d88524f@taugh.com> <CAMm+LwjddEN3zS76SCnNtRb1cvq3ofnDdy6YXP5-SqjEsf2-8Q@mail.gmail.com> <a18d7934-acc8-ec51-1671-fa2ed98285e9@necom830.hpcl.titech.ac.jp> <A744D295-3C2D-46B9-AFD8-E3174115F15A@bluepopcorn.net>
In-Reply-To: <A744D295-3C2D-46B9-AFD8-E3174115F15A@bluepopcorn.net>
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Wed, 18 May 2022 22:50:33 -0400
Message-ID: <CAMm+LwiEAfB7T-A6d0_RY0qbNXdw_U999=610n29z4+9OKj1qQ@mail.gmail.com>
Subject: Re: Trying to do too much (was Re: the introduction problem, etc.)
To: Jim Fenton <fenton@bluepopcorn.net>
Cc: IETF Discussion Mailing List <ietf@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000c456dd05df5470de"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/yW-VrWGVyGPDSavu58IqKIJUkPU>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 May 2022 02:50:50 -0000
I agree in part. Over 90% of my emails are from mailing lists and SMTP mailing lists are a real Rube Goldberg affair. This is the exact problem NNTP set about trying to solve. It is a flawed solution but the idea that mailing lists are a separate modality is sound. That said, I think far too often IETF protocols have failed because they have tried to do too little. Take PKIX which has three certificate status mechanisms because each time we tried to do the job properly, there was a chorus of 'don't try to boil the ocean'. And we ended up with an inadequate solution that inevitably led to the next one. What SMTP lacks did not exist when it was first proposed. We did not have the technology even if we understood the requirements. * We have portable telephone numbers, why don't we have portable email addresses? * Why do I have to use different protocols to send Alice a message of 100 characters, 10MB and 10 GB ? I have phase 1 of the Mesh ready for release: https://www.youtube.com/watch?v=zrBv717w8yY The basic premise here is that the missing part of PUBLIC Key Infrastructure was managing the private keys. The Mesh is designed to be a configure and forget technology. Once you have connected a device to your personal Mesh and said what its authorized functions are, all the provisioning of keys and credentials takes place automatically. No matter whether you want your end-to-end messaging scheme to be based on OpenPGP, S/MIME or Mesh Messaging, the Mesh can do all the heavy lifting of managing private keys and credentials for you. Phase 1 of the Mesh provides an end to end secure password vault. Now provisioning public key pairs to devices so that they can access a password vault for authentication is a necessary transitional strategy but it is clearly bogus long term. When I was cutting the demo reels I said the next phase will be to provision out FIDO keys and credentials to the devices. After reading the FIDO alliance materials and working on the problem a bit, I have changed my mind: Every browser already supports everything I need in TLS Client Authentication. All I need to do is use the Mesh to provision TLS Client auth keys and certificates to each device. All we need to do is to write a profile that allows Web sites to specify Mesh TLS client auth certs and we are done (for authentication at least, not for ceremony). I do agree that we need multiple types of messaging interaction but I think we can use a common messaging protocol base with all the authentication / encryption / payment schemes in place. Where I plan to go in phase 3 is workflow. On Wed, May 18, 2022 at 7:53 PM Jim Fenton <fenton@bluepopcorn.net> wrote: > Reading this long thread on the introduction problem and all sorts of > other things reminds me that it isn’t productive to try to solve all of > email’s problems with a single protocol. Email evolved as an easy way to > contact basically anyone, and as a result got used for a lot of > applications with different (and even conflicting) requirements. > > We should be working defining a number of protocols that handle some of > the things that email is used for today, and that email doesn’t do well. > Some examples might be mailing lists, newsletters, advertising, > notifications, and even personal correspondence. Some of these have an > introduction problem, and others are explicitly opt-in and could solve the > problem at opt-in time. They might even be merged together for the user so > they don’t need to look at multiple things. And yes, there would still be > email to handle the “everything else” cases. > > I’ve been playing around with something to handle notifications, but it’s > not clear how that would achieve deployment even if it worked well. There > is a definite chicken-and-egg problem here. > > -Jim > >
- Service outages planned for April 25 Robert Sparks
- Re: Service outages planned for April 25 Robert Sparks
- Re: Service outages planned for April 25 tom petch
- Re: Service outages planned for April 25 Jay Daley
- Re: Service outages planned for April 25 Keith Moore
- Re: Service outages planned for April 25 Carsten Bormann
- Re: Service outages planned for April 25 Keith Moore
- Re: Service outages planned for April 25 Carsten Bormann
- Re: Service outages planned for April 25 Keith Moore
- Email and reputation (was Re: Service outages pla… Vittorio Bertola
- Re: Email and reputation (was Re: Service outages… Keith Moore
- Re: Mail is worse than everything except all the … John Levine
- Re: the introduction problem, was Email and reput… John Levine
- Re: Mail is worse than everything except all the … Keith Moore
- Re: Mail is worse than everything except all the … Phillip Hallam-Baker
- Re: Mail is worse than everything except all the … Keith Moore
- Re: Mail is worse than everything except all the … John R Levine
- Re: Mail is worse than everything except all the … Keith Moore
- Re: Mail is worse than everything except all the … touch@strayalpha.com
- Re: Mail is worse than everything except all the … Keith Moore
- Re: Mail is worse than everything except all the … Viktor Dukhovni
- Re: Mail is worse than everything except all the … Keith Moore
- Re: Mail is worse than everything except all the … touch@strayalpha.com
- Re: Mail is worse than everything except all the … Keith Moore
- Re: the introduction problem, was Email and reput… Vittorio Bertola
- Re: the introduction problem, was Email and reput… John R Levine
- Re: the introduction problem, was Email and reput… Keith Moore
- Re: the introduction problem, was Email and reput… Viktor Dukhovni
- Re: the introduction problem, was Email and reput… Christian Huitema
- Re: the introduction problem, was Email and reput… Keith Moore
- Re: the introduction problem, was Email and reput… Keith Moore
- Re: the introduction problem, was Email and reput… Viktor Dukhovni
- Re: the introduction problem, was Email and reput… Masataka Ohta
- Re: the introduction problem, was Email and reput… Keith Moore
- Re: the introduction problem, was Email and reput… Masataka Ohta
- Re: the introduction problem, was Email and reput… Viktor Dukhovni
- Re: the introduction problem, was Email and reput… Keith Moore
- Re: the introduction problem, was Email and reput… Michael Richardson
- Re: the introduction problem, was Email and reput… Laurence Lundblade
- Re: the introduction problem, was Email and reput… Keith Moore
- Re: the introduction problem, was Email and reput… John Levine
- Re: the introduction problem, was Email and reput… Lyndon Nerenberg (VE7TFX/VE6BBM)
- Re: mail crypto, was the introduction problem, wa… John Levine
- Re: mail crypto, was the introduction problem, wa… Keith Moore
- Re: mail crypto, was the introduction problem, wa… Christopher Morrow
- Re: mail crypto, was the introduction problem, wa… Keith Moore
- Re: mail crypto, was the introduction problem, wa… John Levine
- Re: mail crypto, was the introduction problem, wa… Keith Moore
- Re: mail crypto, was the introduction problem, wa… Christopher Morrow
- Re: mail crypto, was the introduction problem, wa… Keith Moore
- Deployment strategy for email+ Was: Mail is worse… Phillip Hallam-Baker
- Re: mail crypto, was the introduction problem, wa… Phillip Hallam-Baker
- Re: the introduction problem, was Email and reput… Phillip Hallam-Baker
- Re: the introduction problem, was Email and reput… Phillip Hallam-Baker
- Re: the introduction problem, was Email and reput… John Levine
- Re: the introduction problem, was Email and reput… Keith Moore
- Re: the introduction problem, was Email and reput… Phillip Hallam-Baker
- Re: the introduction problem, was Email and reput… John R Levine
- Re: the introduction problem, was Email and reput… Phillip Hallam-Baker
- Re: the introduction problem, was Email and reput… Masataka Ohta
- Re: the introduction problem, was Email and reput… Masataka Ohta
- Trying to do too much (was Re: the introduction p… Jim Fenton
- Re: Trying to do too much (was Re: the introducti… lloyd.wood@yahoo.co.uk
- Re: Trying to do too much (was Re: the introducti… Phillip Hallam-Baker
- Re: Trying to do too much (was Re: the introducti… Keith Moore
- Re: Trying to do too much (was Re: the introducti… Keith Moore
- Re: Trying to do too much (was Re: the introducti… Michael Richardson
- Re: Trying to do too much (was Re: the introducti… Masataka Ohta
- Re: Trying to do too much (was Re: the introducti… Masataka Ohta
- Re: potable e-mail, now Trying to do too much (wa… John Levine
- Re: Trying to do too much (was Re: the introducti… Phillip Hallam-Baker
- Re: Trying to do too much (was Re: the introducti… Phillip Hallam-Baker
- Re: potable e-mail, now Trying to do too much (wa… Michael Richardson
- Re: Trying to do too much (was Re: the introducti… Keith Moore
- Re: portable e-mail, now Trying to do too much (w… John R Levine
- Re: potable e-mail, now Trying to do too much (wa… Keith Moore
- Re: Trying to do too much (was Re: the introducti… Masataka Ohta
- Re: potable e-mail, now Trying to do too much (wa… Masataka Ohta
- Re: portable e-mail, now Trying to do too much (w… Michael Richardson
- Re: portable e-mail, now Trying to do too much (w… John Levine
- Re: portable e-mail, now Trying to do too much (w… Michael Richardson
- We are not a mail forwarding service Carsten Bormann
- Re: We are not a mail forwarding service John R Levine
- ugly hacks (was: Re: We are not a mail forwarding… Keith Moore
- Re: ugly hacks (was: Re: We are not a mail forwar… John Levine
- Re: ugly hacks (was: Re: We are not a mail forwar… Keith Moore
- Re: We are not a mail forwarding service Robert Sparks
- Re: We are not a mail forwarding service Carsten Bormann
- Re: portable e-mail, now Trying to do too much (w… Phillip Hallam-Baker
- Re: potable e-mail, now Trying to do too much (wa… Phillip Hallam-Baker
- Re: portable e-mail, now Trying to do too much (w… Keith Moore
- Re: portable e-mail, now Trying to do too much (w… Phillip Hallam-Baker