> By an "ashcroft" I mean extremely costly (mostly not in money), > insufficiently or entirely unjustified, so called defenses against > potential disasters, where the defenses are of dubious or no real use > (e.g. the new airplane passenger screening) against the ostensible > potential disaster. ah. then that's not what i'm advocating. i want the digital equivilent of a peephole in my front door so i can ignore the doorbell if i don't like what i see. > I don't understand enough of your notions to see whether I think it would > work or be worse than spam, but I have dark suspicions that they would > turn out like the new and forthcoming "defenses" against "terrorism" (and > "drugs," "child porn," etc.) from the U.S. DOD and DOJ. i believe, and have always believed, that all communications ought to be mutually consensual. that philosophy underlaid my initial thoughts about both MAPS and DCC, and is part of my motive for trying to get DNSSEC deployed. plenty, no, *many* are the humans who can reach me by digital communications for whom my consent is seen as irrelevant (or worse.) my son has been receiving pornographic spam for five years, and he just now turned twelve years old. did you all who contributed to the creation of e-mail as a media believe that it should be "rated R, no children under the age of 17 admitted without a parent"? for my part, i did not. or consider the "e-mail appending" data miners, who believe that my consent to receive a magazine by postal mail somehow implies my consent to receive anything else that publishing conglomerate wants to send me by e-mail. (one is sender-paid, the other is not, and my consent cannot be implied.) due to accidents of fate, the CIX.NET MX RR points at my personal server. it turns out that there are now many millions of valid @COX.NET mailboxes, and that through normal error rates i receive several dozen misaddressed messages per day, usually several of them being microsoft passport ACK's containing enough information for me to commit identity theft if i so desired. a lot of the mail is quite personal in nature, too. is this how we thought e-mail would grow up and meet its larger audience? not me! the current system is utterly laughable and if it were proposed apriori it would be laughed out of the room. that which was suitable for polite early adopters in the R&E community is completely unsuiable for the full global population, And This Should Come As No Surprise To Anybody. > So how about turning down the heat a little and being more technically > specific about your replacement for the Internet? Since that viagra-VoIP > bomb has nothing to do with SMTP, it seems you're talking about a far > bigger progject than "merely" replacing SMTP. here's the problem. if we had end-to-end personal certificates that were widely deployed and universally presented, it would become reasonable to try to wire an smtp listener to reject all but certified traffic -- but since pornospammers could and would acquire signed certificates, we'd have to do some kind of pgp-like kevinbacon-like "degrees of separation" logic to find out about trust. it turns out both of those are missing. and creating them is a bigger problem than rewiring smtp would be. and that once they exist they will have equal applicability to IM/ICQ/SIP/etc. as usual, i would be happiest if someone else would take this on: i'm Busy. however, that's not why i don't write a detailed proposal. my goal at the moment is to discover whether the ietf possesses a "collective will" and if so, whether it is "willing" to take on this much larger problem. so far the answer seems to be not just "no" but "hell no!" -- Paul Vixie