> From: Keith Moore [mailto:moore@xxxxxxxxxx] > To the extent that they can be understood as separable > issues, I don't have a problem with doing what you describe > in addition to writing the I-D. But I believe these issues > need a wider visibility than just within the DKIM wg. I have followed this thread for some time, I have still not seen the actual issue you wish to raise stated, merely a series of statements pointing to other places that you claim the statement was made. I am entirely willing to discuss technical issues relating to DKIM in particular and the Accountable Web in general. What I am not prepared to do is to argue over technical issues as proxies for the political issues that underly them. As far as I am concerned the principle of the Accountable Web is not up for negotiation. We have a billion users of the Internet. As with any system 95% of the participants are honest 95% of the time. It is the other 5% that is the problem. With a billion users that makes 50 million pedophiles, predators, theives, confidence tricksters, vandals and other criminals to deal with. The point of the Accountable Web is to stop that 5% spoiling the Internet for the rest of us. I am not talking about a police state: a key principle of the Accountable Web has to be that the accountability processes themselves are accountable. The key feature of a police state is when law enforcement claims that it is above the law. Nor am I talking about excluding anonymity entirely. There is a role for anonymity in the Internet and there is a role for pseudonymity. What there cannot be is a situation where other people can claim to be me and make use of my reputation. This is currently the case in email. My reputation, the reputation of my employer are diluted because anyone can send mail that purports to come from that domain name and there is no widely deployed authentication infrastructure. The ability to claim responsibility for a message allows the sender of an email to tell the recipient that they can be held accountable for it. Knowing that someone is accountable allows the recpient to accept the email with greater confidence than is possible otherwise. By combining Authentication, Accreditation and Consequences we can achieve accountability in the email system and thus begin to bring spam under control. In the process the ability to send unaccountable mail is likely to be lost. But that is going to be the result of recipients deciding to reject unaccountable mail as likely spam, and not the result of a government dictat that everyone be counted. A lot of the problems with the Internet are the result of the widespread perception that it is a parallel universe with no connection to the real world, a consequence free environment that lacks police, law and order. This perception is mistaken, there is law enforcement in cyberspace and arrests result every single day. Arrests of Internet pedophiles have become so commonplace that they have long since ceased to be notable unless the number arrested is particularly large. The Accountable Web is about changing that perception. I know that there will be many who would prefer to maintain the Web in a state of permanent anarchy. I note however that those who advocate this position then construct their own personal safety zones and defend them aggressively. Anarchy is a much more attractive political doctrine when offered a la carte, so that one can choose unlimited personal freedom for oneself without having to live with the consequences of every one else making the same choice, including the 5% who cause 95% of the problems. We have already seen what happened to USENET when the 5%ers got hold of it. In the space of a few short years the spammers destroyed USENET. It has only recovered since because even the spammers find that there is little value there for them. We cannot let the same thing happen to email and the Web. USENET worked when there was accountability. Under the NSF regime anyone who did a Green Card spam would have been accountable to their university proctors. It isn't an accident that the Green Card spam went out in April 1994 during the transition from the NSFnet to the commercial Internet. As we discovered then the traditional accountability mechanism had been lost. If we are going to do anything about the pedophile predators lurking in Internet chat rooms we have to create the understanding that there is accountability. The perverts would not approach a minor in a public area with the type of advance they use in a chat room, they know that they can be observed. Just creating a binding from a chat room identity to a cell phone or landline creates a degree of accountability. The potential perpetrator knows that they can be tracked down to a particular telephone number, if they are smart they also know that their location can be fixed geographically as well. There are means to circumvent this but the reliability of these steps are not as predictable as some think and messaging can be used to emphasize this unpredictability. This approach compliments the efforts of i-safe and others to provide age verification through schools. Again there is an accountability component to the scheme, credentials can be tied to a particular individual if necessary and so attempts to trade them will result in consequences. This example demonstrates that accountability does not mean loss of privacy. I hope that people understand that what we are proposing here is to provide AGE VERIFICATION here so that chat rooms can make sure that only kids (and licensed law enforcement) are allowed to post into kids only chat rooms. We are not certainly proposing to make it easier for the predators by enabling them to know the identity of the kids, where they live, etc. _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf