On Mon, Jan 2, 2023 at 5:25 PM John C Klensin <john-ietf@xxxxxxx> wrote:
I may regret this, but a few very small observations...
--On Sunday, January 1, 2023 19:42 -0500 Phillip Hallam-Baker
<phill@xxxxxxxxxxxxxxx> wrote:
> On Sun, Jan 1, 2023 at 4:03 PM John R Levine <johnl@xxxxxxxxx>
> wrote:
To extend that analogy a bit, if some more traditional marketer,
of the "door-to-door salesperson" variety, comes to your home
and rings the doorbell, is that different on any level other
than frequency and scale?
There is a 'No Soliciting' sign clearly posted on the front and fairly soon a 'No Soliciting' sign with a menacing looking dalek will be appearing on the back.
This is more than sufficient since time is money for door to door salespeople.
Does that make them less scum? Are
you protected from such people by keeping a fierce dog or pet
dragon whom you threaten to unleash as soon as they start up the
walkway?
I know what you are thinking, 'is that exterminator gun real or fake, well maybe it is and maybe it isn't. But given that I built two full scale dalek props and one of them has working animatronics, the question you have to ask yourself is "do I feel lucky?" '
Do I recommend that? Nope, But, again, I'm trying to see if we
can clarify the boundaries and what is being talked about a bit.
My primary goal here is to give people a complete end-to-end communications infrastructure that is built as open infrastructure.: open standards, option of open source code, anyone can set up a
service , users can choose and change their service.
> The cost of calling people dropped, robo-calling, in
> particular the cost of international calling dropped enabling
> off shore boiler rooms filled with criminals calling up to do
> scam after scam.
Doesn't that suggest looking at ways to change either the cost
equation or the very closely related equations involved risks to
those criminals of capture and punishment rather than yet
another tweak. FUSSP should probably be incorporated by
reference here.
I am not interested in FUSSP, I am interested in something that allows me to communicate within my circle without being plagued.
We are very close to disconnecting the land line, we get far more spam on it than genuine calls. The genuine calls are increasingly going to other services.
> If you respond yes, I can send you additional messages, if you
> let me, I can call you by voice or video etc. Otherwise, my
> messages are refused. Same on my end.
And, if I were an evildoer and wanted to make that not work, I'd
attack you (and a variety of other likely suspects) with a
sufficient volume of permission-request messages to create
tremendous incentives for blocking those messages. As you
pointed out in response to Christian's variation on the same
suggestion, the number of such requests today is low enough to
be easily tolerated. But no mechanism that has depended on the
spammers (and other generators of unwanted messages) being
stupid (and I am _not_ suggesting that your ideas fall into that
category) has ever worked well.
As we discussed offline, I have more layers and there is a friction control in the loop here which is that the contact messages have to go out through a service provider. So a new MSP suddenly starts up and is spewing millions of contact requests, is going to be rapidly defederated.
So, OK now the problem is the introduction problem for MSPs. Which I think can be managed the same way Mastodon is managing expansion of its federation. Most people are likely to be using an existing MSP before setting up their own and when they do, they will take existing users with them.
Basically, it comes down to friction.
In particular, if one assumes
that they are, as a group, both reasonably smart and able to
think strategically, one would expect to see very few messages
asking permission until after something changed to make
generating such messages a good investment. Analogies to arms
races and why they are such a problem may be appropriate here.
As it happens, my VeriSign patents should expire in March:
While there are many problems with limiting the rate of sending messages, limiting the rate at which introduction requests can be sent is probably less problematic.
> Once we are in each other's contact catalogs, nobody else can
> impersonate you to me. I might not have been contacted by the
> real John Levine in the first place but that is another issue.
But that sounds like a version of my trick "don't bother trying
to send mail here unless I have already gotten things set up
with your credentials" mailbox (whether you know, or can deduce,
its address or not). A more sophisticated one, most likely one
that scales better, but not a new story.
I try not to do 'new'. I try to do things that are at least 20 years old that I can demonstrate are 20 years old.
> For interpersonal contact exchanges, trusted third parties
> aren't really very useful. But if we are communicating in the
> context of some corporation, it is important that I know both
> the person and the organization. So at least an organization
> level LRA is needed.
Absolutely. But, if you are talking only about solving the
problems of communications sent from and/or two corporations or
organizations who are willing to identify themselves as such
(rather than, e.g., posing as individuals who might be vaguely
"representing" or "affiliated with" such a body), then that is a
much narrower problem than the one to which I (and maybe John
L., Christian, or others) have been responding and expressing
concern.
I see interpersonal and corporate as two separate concerns, both have to be solved. But solving the corporate one is much easier because it comes down to 'pay for an EV level validation of your corporate identity'. Which has an existing industry to address.
In case it isn't clear, I have no reason to believe that your
ideas would not work, and work well for some selected
communities and/or some clear definition of the problems you are
trying to solve and their scope against which it could be
evaluated.
Nice to hear.
From that perspective, my only concern is the great
difficulty of deploying a replacement for a very large installed
base when most of those involved with that base (as suppliers
and users) seem to think it is working well enough... no matter
how much they complain about the obvious problems it enables or
carries with it.
Ah, but as I said, my principal goal is to solve a broader problem of enabling text/voice/video communications through asynchronous or synchronous modes with E2E security using a single contact/identifier. rather than to replace SMTP.
But it would be pretty bad to go about that task without at least trying to build as much of what we know about stopping abuse into the new system core. And just as Nathaniel Bornstein and Ned Freed didn't start off by saying 'lets get rid of the fax machine', that is what their work on MIME inevitably led to when it succeeded.
