Vernon Schryver <vjs@xxxxxxxxxxxxxxxxxxxx> wrote: > > All of the possible good and bad aspects of any possible "trust" or > "reputation" system are already present in the current system. Not so. > - If you say that you can't trust ISPs to check that a new customer > is not Al Ralsky in disguise or one of his proxies, then you must > say the same about any other organization. ISPs operate in a _very_ different business environment than, say, UNICEF. > - If you say that ISPs cannot check the reputation of new customers > for a $30/month account, then you must say the same about any > other organization. ISPs offering $30-per-month service are very likely losing money (and worrying who to lay off next). Your bank, OTOH, is probably doing nicely on less than $30-per-month service charges. Also, some ISPs have no reason to worry much about their reputation, because they have in effect a government-mandated near-monopoly. > - If you trust some of those other outfits to revoke their virtual > letters of introduction and recommendation, then you must be > willing to trust some ISPs to do the same and terminate accounts. Ah, yes, but _which_ ISPs? > - If you say that third party organization could assure you that > a mail sender is not a spammer, then you must agree that an ISP > could check with that organization before adding a password to > a RADIUS server or or turn on a DSLAM, and that an ISP could > terminate an account when that third party revokes is assurance. The first part is actually true: I think we'd actually see that if such third-party services come into common use. :^) The second part (terminating) is not true, IMHO. There's a real danger of getting sued for that, not to mention the loss of revenue. However, donning Pangloss's hat, I do hope that they might activate some port-25 bandwidth-limiting. ;^) > If you believe that "reputation" or "trust" systems might help > the spam problem, then the only room for improvement is in the > trust query protocol. DNS is a screw driver being used as a > hammer in DNS blacklists. Current DNS blacklists are, IMHO, trying to do an impossible job. > However, this is merely a matter of optimization or elegance. I disagree: it's a matter of biting off more than you can chew. -- John Leslie <john@xxxxxxx>