Steven M. Bellovin wrote:
My concern is centralization of power. If used properly, white lists
are fine. If used improperly, they're a way to form an email cartel,
forcing organizations to buy email transit from a member of the inner
circle.
Steve,
Email reputation lists have been around for a very long time. The current
specification codifies this existing practice. So we have plenty of track
record to test your concern.
Perhaps you know of some pattern that validates that concern, but I don't.
Such services have always been easy to set up and, indeed, there is a wide range
of reputation services. (Positive reputation services are more recent so there
is a smaller set to evaluate... so far.)
A standard reduces switching costs, so that consumers of reputation data are not
locked in to their current reputation provider.
Hence, standardizing the details for obtaining reputation data -- postivie or
negative -- ought to mitigate against centralization.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf