From mboxrd@z Thu Jan  1 00:00:00 1970
Message-ID: <7f3c75ef821ce85dba22942ef0ea545e@plan9.bell-labs.com>
From: David Presotto
To: 9fans@cse.psu.edu
Subject: Re: [9fans] ISP filtering - update
In-Reply-To: <20030926063328.C19995@cackle.proxima.alt.za>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="upas-uyrxcptktjlvcyokcdnyhizgux"
Date: Fri, 26 Sep 2003 08:07:16 -0400
Topicbox-Message-UUID: 4f422966-eacc-11e9-9e20-41e7f4b1d025

This is a multi-part message in MIME format.
--upas-uyrxcptktjlvcyokcdnyhizgux
Content-Disposition: inline
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit

> No, the right idea is to build your own, white- or blacklist. In
> PGP, you ask your friends to sign your key, eventually you may be
> lucky to hit common signatories and the web of trust starts happening.
> Can't say I've seen it in action, but it may well work.

SMTP mostly comes from providers (ISP's) and not your friends (unless
your friends happen to own ISP's).

--upas-uyrxcptktjlvcyokcdnyhizgux
Content-Type: message/rfc822
Content-Disposition: inline

Received: from plan9.cs.bell-labs.com ([135.104.9.2]) by plan9; Fri Sep 26 00:39:56 EDT 2003
Received: from mail.cse.psu.edu ([130.203.4.6]) by plan9; Fri Sep 26 00:39:53 EDT 2003
Received: by mail.cse.psu.edu (CSE Mail Server, from userid 60001)
	id 6D9A819C64; Fri, 26 Sep 2003 00:39:26 -0400 (EDT)
Received: from psuvax1.cse.psu.edu (psuvax1.cse.psu.edu [130.203.18.6])
	by mail.cse.psu.edu (CSE Mail Server) with ESMTP
	id 698A219B23; Fri, 26 Sep 2003 00:39:21 -0400 (EDT)
X-Original-To: 9fans@cse.psu.edu
Delivered-To: 9fans@cse.psu.edu
Received: by mail.cse.psu.edu (CSE Mail Server, from userid 60001)
	id E375519B48; Fri, 26 Sep 2003 00:38:35 -0400 (EDT)
Received: from cackle.proxima.alt.za (cackle.proxima.alt.za [196.30.44.141])
	by mail.cse.psu.edu (CSE Mail Server) with ESMTP id B296719B7D
	for <9fans@cse.psu.edu>; Fri, 26 Sep 2003 00:38:26 -0400 (EDT)
Received: from cackle.proxima.alt.za (localhost [127.0.0.1])
	by cackle.proxima.alt.za (8.12.9/8.12.3) with ESMTP id h8Q4Xdef023211
	for <9fans@cse.psu.edu>; Fri, 26 Sep 2003 06:33:40 +0200 (SAST)
Received: (from lucio@localhost)
	by cackle.proxima.alt.za (8.12.9/8.12.3/Submit) id h8Q4XThI023210
	for 9fans@cse.psu.edu; Fri, 26 Sep 2003 06:33:29 +0200 (SAST)
From: Lucio De Re
To: 9fans@cse.psu.edu
Subject: Re: [9fans] ISP filtering - update
Message-ID: <20030926063328.C19995@cackle.proxima.alt.za>
Mail-Followup-To: 9fans@cse.psu.edu
References: <01b501c383a1$e2db44e0$b9844051@insultant.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.95.4us
In-Reply-To: ; from David Presotto on Thu, Sep 25, 2003 at 04:46:06PM -0400
Organization: Proxima Research & Development
Sender: 9fans-admin@cse.psu.edu
Errors-To: 9fans-admin@cse.psu.edu
X-BeenThere: 9fans@cse.psu.edu
X-Mailman-Version: 2.0.11
Precedence: bulk
Reply-To: 9fans@cse.psu.edu
X-Reply-To: lucio@proxima.alt.za
List-Id: Fans of the OS Plan 9 from Bell Labs <9fans.cse.psu.edu>
List-Archive:
Date: Fri, 26 Sep 2003 06:33:28 +0200
X-Spam-Status: No, hits=-2.5 required=5.0
	tests=EMAIL_ATTRIBUTION,IN_REP_TO,QUOTED_EMAIL_TEXT,REFERENCES,
	REPLY_WITH_QUOTES
	version=2.55
X-Spam-Level:
X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp)

On Thu, Sep 25, 2003 at 04:46:06PM -0400, David Presotto wrote:
>
> esmtp is a pretty quick read. If I were to do something for
> mutual auth, that's a reasonable place. The biggest problem
> is controlling entry into the `good guys' group of authenticated
> entities. Who gets to say yeah/nay to people wanting to get in?
> At first it's easy since there are no grey areas. I would be
> perfectly happy if entry was controlled by the conjunction
> of boyd, cross, and choate. I figure anyone that all three found
> acceptable would be pretty milktoast. Over time, it'll become
> harder but I'd be happy with a single registry that contains
> certificates of good guys.

Agreed on the entrance qualifications. But as for the contents of
the list, the same judges could be used in an "or" rather than "and"
fashion to promote a blacklist (Choate would be in an envious
position, although he'd squirm his way out of it with some hand
waving of philosophical higher principle) that requires you to
justify being dropped. Hm, how do we put everyone in there to start
with?

No, the right idea is to build your own, white- or blacklist. In
PGP, you ask your friends to sign your key, eventually you may be
lucky to hit common signatories and the web of trust starts happening.
Can't say I've seen it in action, but it may well work.

A new RFC suits me just fine, I'll toss PGP or the PKI web of trust
Thawte suggested (someone mailed me a URL, but I didn't get to it -
still, I may be able to approach Shuttleworth if it's necessary) as
the authentication/non-repudiation protocol, with legal implications
(call it a contract to avoid having to legislate it) if a sender
turns out to be harassing its recipients.

++L

--upas-uyrxcptktjlvcyokcdnyhizgux--