Re: [Rucus] [spitstop] Botnets, take 2... Re: Draft RUCUS charter
Otmar Lendl <ol@bofh.priv.at> Fri, 22 February 2008 21:18 UTC
Return-Path: <rucus-bounces@ietf.org>
X-Original-To: ietfarch-rucus-archive@core3.amsl.com
Delivered-To: ietfarch-rucus-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5083A28C1D1; Fri, 22 Feb 2008 13:18:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.901
X-Spam-Level: *
X-Spam-Status: No, score=1.901 tagged_above=-999 required=5 tests=[AWL=-2.662, BAYES_00=-2.599, DRUGS_ERECTILE=1, DRUGS_ERECTILE_OBFU=1.5, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, MANGLED_VIAGRA=2.5, RDNS_NONE=0.1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lNZO73+ykmr6; Fri, 22 Feb 2008 13:18:51 -0800 (PST)
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 741FC3A6866; Fri, 22 Feb 2008 13:18:51 -0800 (PST)
X-Original-To: rucus@core3.amsl.com
Delivered-To: rucus@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 244A13A6866 for <rucus@core3.amsl.com>; Fri, 22 Feb 2008 13:18:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q-hJj2ADXk-v for <rucus@core3.amsl.com>; Fri, 22 Feb 2008 13:18:50 -0800 (PST)
Received: from mail.bofh.priv.at (fardach.bofh.priv.at [88.198.34.164]) by core3.amsl.com (Postfix) with ESMTP id 359613A6819 for <rucus@ietf.org>; Fri, 22 Feb 2008 13:18:50 -0800 (PST)
Received: by mail.bofh.priv.at (Postfix, from userid 1000) id E104E4D605; Fri, 22 Feb 2008 22:18:44 +0100 (CET)
Date: Fri, 22 Feb 2008 22:18:44 +0100
From: Otmar Lendl <ol@bofh.priv.at>
To: rucus@ietf.org
Message-ID: <20080222211844.GC1983@bofh.priv.at>
References: <C3E0C78D.4346A%Quittek@nw.neclab.eu> <3A86FA4E-6D4A-43FE-B380-6676CD4BCD90@voxeo.com> <47BEB721.8040305@gmx.net> <5F6519BF2DE0404D99B7C75607FF76FF53DB8D@mx1.office>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <5F6519BF2DE0404D99B7C75607FF76FF53DB8D@mx1.office>
User-Agent: Mutt/1.5.13 (2006-08-11)
Subject: Re: [Rucus] [spitstop] Botnets, take 2... Re: Draft RUCUS charter
X-BeenThere: rucus@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <rucus.ietf.org>
List-Unsubscribe: <http://www.ietf.org/mailman/listinfo/rucus>, <mailto:rucus-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/rucus>
List-Post: <mailto:rucus@ietf.org>
List-Help: <mailto:rucus-request@ietf.org?subject=help>
List-Subscribe: <http://www.ietf.org/mailman/listinfo/rucus>, <mailto:rucus-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: rucus-bounces@ietf.org
Errors-To: rucus-bounces@ietf.org
On 2008/02/22 13:02, Saverio Niccolini <Saverio.Niccolini@nw.neclab.eu> wrote: > > > Let's take an example: > > When Henning's host is compromised and a bot is using > > Henning's account to send me spam then I would contact > > Henning (by using various ways) to tell him that something is > > wrong with his PC/phone/etc. I would not tell my VoIP > > provider that there is something wrong with Henning's account. > > Typically, this will lead to more problems rather than less > > -- such as no communication to Columbia University anymore > > because my VoIP provider just blocks all calls from that domain. > > > > (Just to reflect my experience with email problems in the company....) > > You do not contact Henning directly to tell him that something > is wrong. You have to rely on your infrastructure to take the > necessary countermeasures otherwise it is the anarchy... No, not when strong identity is used. Just translate the scenario to email: when I receive a PGP-signed mail (using a trusted key) from a friend which contains a typical spam (V!ag_ra, 419, ...) then I'll phone him up to tell him that he has a security problem. > That is why exchanging reputation of identities (as perceived by > end-users or domains) is an important building block. Yes, it can be helpful to simplify the initial contact problem. Positive reputation is useful, negative one will just lead to the spitter getting a new account. > Such reputation system (one of the points of RFC 5039) can be built > using mechanisms like feedbacks: > http://tools.ietf.org/html/draft-niccolini-sipping-spam-feedback-00 > and spam scores: > http://tools.ietf.org/html/draft-wing-sipping-spam-score-01 > of course there are privacy issues that apply (but this is > a problem of reputation systems as well) :-) Another trouble here is that if you want worldwide calling based on a reputation system, you also need a reputation system which is used worldwide and not a plethora of these. Who will be trusted to run it? /ol -- -=- Otmar Lendl -- ol@bofh.priv.at -=- _______________________________________________ Rucus mailing list Rucus@ietf.org http://www.ietf.org/mailman/listinfo/rucus
- [Rucus] Draft RUCUS charter Juergen Quittek
- Re: [Rucus] Draft RUCUS charter Hannes Tschofenig
- Re: [Rucus] Draft RUCUS charter Saverio Niccolini
- [Rucus] Botnets, take 2... Re: Draft RUCUS charter Dan York
- Re: [Rucus] Draft RUCUS charter Hannes Tschofenig
- Re: [Rucus] Draft RUCUS charter Juergen Quittek
- Re: [Rucus] Botnets, take 2... Re: Draft RUCUS ch… Brian Azzopardi
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Fischer, Kai
- Re: [Rucus] Draft RUCUS charter Martin Stiemerling
- Re: [Rucus] Botnets, take 2... Re: Draft RUCUS ch… Henning Schulzrinne
- Re: [Rucus] Botnets, take 2... Re: Draft RUCUS ch… Dan York
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Saverio Niccolini
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Saverio Niccolini
- Re: [Rucus] Botnets, take 2... Re: Draft RUCUS ch… Otmar Lendl
- [Rucus] EG vs WG - Re: [spitstop] Botnets, take 2… Dan York
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Dan Wing
- Re: [Rucus] Draft RUCUS charter Hannes Tschofenig
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Hannes Tschofenig
- Re: [Rucus] Botnets, take 2... Re: Draft RUCUS ch… Hannes Tschofenig
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Hannes Tschofenig
- Re: [Rucus] EG vs WG - Re: [spitstop] Botnets, ta… Hannes Tschofenig
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Jan Seedorf
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Hannes Tschofenig
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Fischer, Kai
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Saverio Niccolini
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Saverio Niccolini
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Hannes Tschofenig
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Hannes Tschofenig
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Hannes Tschofenig
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Hannes Tschofenig
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Peter Saint-Andre
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Fischer, Kai
- [Rucus] Let's ONLY send to RUCUS now, please! (an… Dan York
- Re: [Rucus] EG vs WG - Re: [spitstop] Botnets, ta… Peter Saint-Andre
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Hannes Tschofenig
- Re: [Rucus] EG vs WG - Re: [spitstop] Botnets, ta… Hannes Tschofenig
- Re: [Rucus] EG vs WG - Re: [spitstop] Botnets, ta… Dan York
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Charzinski, Joachim (NSN - DE/Muenich)
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Saverio Niccolini
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Saverio Niccolini
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Otmar Lendl
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Otmar Lendl
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Otmar Lendl
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Henning Schulzrinne
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Jan Seedorf
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Saverio Niccolini
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Otmar Lendl
- Re: [Rucus] [spitstop] Botnets, take 2... Re: Dra… Hannes Tschofenig