On Mon, 1 Mar 2004, Paul Vixie wrote: > > And everyone else needs to move from the generic reference to > > "consent" on to something that is more concrete, as well as being > > integrated into a full range of human uses for email. > > i'm pretty comfortable with www.dictionary.com's definition of "consent". Ah, are we about to develop psmtp (psychic simple mail transport protocol)? The first mail protocol that can read my mind and see if I "consent" to a particular communication before I (or rather, my mail agent, since that's where one part of the abuse occurs) receive it? That's a neat trick... Logical analysis reveals that psychic filtering is what is required to avoid any chance that I could get abusive email, e.g. spam, while still permitting a full range of desired communications including those from strangers, without extra "approval" steps (of which most users/administrators will definitely not approve and which would let spam through anyway, at least to the point where they have to see it and not approve). Or is "consent" a mnemonic for breaking the entire Internet into White and Black lists with no grey sites whatsoever according to a common standard, PRESUMING that I and all other users would consent (in fact have consented, via inherited Acceptable Use agreements) to turn off all internet access -- at least to those resources we control -- to those that chronically abuse those resources? The latter is not so crazy. It is more or less what "enforcing existing AU agreements" would be, were there an actual PROTOCOL for such enforcement instead of an incomplete and inconsistent hodgepodge of AUs with spotty enforcement and no way to make enforcement universal. I've called for something like this as an obvious first step to regulating spam and other abuse in a couple of my earlier responses. My attention was drawn to: http://www.camblab.com/misc/univ_std.txt which seems to be a very, very practical and immediately feasible way to secure the protocols we have now. Curiously, it works by formally defining a process for converting the Internet into white (or at least, very light grey:-) and blacklists of a sort and enfolding this into effectively all internet services. It has the delightful effect of punishing the abusers and not the innocent, and of punishing (by blacklisting) the SPs of chronic abusers (the ones who profit the most from abuse) to precisely the point where they responsively police their own networks or go out of business, whichever comes first, and of permitting that "disconnection" to be done by anybody from a common list rather than waiting for the SP's PoP provider to go through THEIR various internal due processes (if any) and pull a plug that might be making THEM a lot of money...to the discomfiture and waste of money spent by everybody else. This document puts forth a >>measure<< of abusive behavior that causes us (the "Internet") to withdraw our >>consent<< for all kinds of transactions and is the first step to a >>protocol<< that permits this consent to be effectively immediately withdrawn from a common and dynamic (in both directions, as black sites are policed white again). In a consensual anarchy like the Internet, it is definitely the right way to proceed, as for the first time newsletters such as Security Wire Digest contain rumblings calling for and warning of government regulation that (while certainly welcome with respect to certain forms of abuse) can easily turn into the nose of a big, ugly, smelly camel under the Internet tent. Or end up endorsing a witless and expensive solution to the great profit of some congressman's biggest donor. Maybe I just like it because it agrees with my own point of view (the definition of an intelligent person being "somebody who agrees with you", after all:-). It's worth a read. rgb -- Robert G. Brown http://www.phy.duke.edu/~rgb/ Duke University Dept. of Physics, Box 90305 Durham, N.C. 27708-0305 Phone: 1-919-660-2567 Fax: 919-660-2525 email:rgb@xxxxxxxxxxxx