--On Sunday, 01 January, 2006 04:35 +0000 John Levine <johnl@xxxxxxxx> wrote: > I hope the message here is not that we should restrict > ourselves to developing technology that is idiot-proof, since > a sufficiently determined idiot, of which there are many, will > do idiotic things with any technology that we never in a > million years would have anticipated. No. I don't believe in idiot-proof technologies. I do believe that it is not desirable to create standards that would give a gift of either technology or justification to those who would use them to fragment the network. I believe it is especially important to avoid those gifts when the people or groups involved are quite sophisticated about using technologies to maximize their short-term economic gain at the cost of global communications and interoperability. People and companies with those sorts of motivations will undoubtedly do their thing regardless of what we do. But we don't need to help them or provide them with justification via "we are just following the standard". And I still believe that we should do this work. I just believe that the work should include some real discussion, and analysis of workarounds, about how uses of the technology that are interoperability-hostile, or global-communications-hostile, can be prevented or clearly identified as inappropriate. Think of it as an explicit "interoperability considerations" section to supplement the usual "security considerations" one. >... > One favor that the SPF crowd did for us was to give the > aforementioned idiots a chance to find out what a bad idea it > is to reject mail arbitrarily from people who don't jump > through their hoops, so nobody rejects for SPF failure any > more. People who use C/R against people not on their > whitelists have found the same thing -- they all check the > folder of unconfirmed mail because they know there's lots of > real mail from people who won't hoop jump. > > If the idiots were to latch on to DKIM and start rejecting > valid mail, like they have to the past umpteen magic bullets, > why do you expect the results to be any different? I note that we have never standardized a magic bullet in the anti-spam area. I believe that to have been a good trend. To the credit of a significant fraction of the DKIM advocates, they haven't claimed it is a magic bullet, which is also a good trend. If there is agreement on what you say above (I think there probably is) and it can be documented, then some explicit warnings about that experience and its applicability would satisfy most or all of my concerns. I wouldn't expect to see merely "doing X is bad and you MUST NOT do that", but rather "X should be avoided because there is documented experience that its consequences are Y and Z". best, john _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf