[148507] in cryptography@c2.net mail archive
Re: [Cryptography] The next generation secure email solution
daemon@ATHENA.MIT.EDU (Phillip Hallam-Baker)
Wed Dec 18 17:06:29 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <52B1781A.9050404@witmond.nl>
Date: Wed, 18 Dec 2013 15:22:47 -0500
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Guido Witmond <guido@witmond.nl>
Cc: "cryptography@metzdowd.com" <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============5666132293389177321==
Content-Type: multipart/alternative; boundary=90e6ba475e4bee888704edd4cee3
--90e6ba475e4bee888704edd4cee3
Content-Type: text/plain; charset=ISO-8859-1
Guido's scheme is very similar to the one I am planning to build in stage 2
of my system. In fact if he wants to build his system he could use stage 1
of mine as a development platform.
But I do think it is important to acknowledge one of the lessons we learned
in spam control: the bad guys will exploit every feedback channel.
So when we are dealing with reports of violations of protocols we have to
be ready for attackers making false complaints. Many early spam blacklists
that had 'zero tolerance' policies lost credibility very quickly as people
would sign up for mailing lists for the purpose of reporting the source as
a spammer. Some of the malicious reports were intended to sabotage
political or commercial rivals. But quite a few were made to discredit the
lists themselves.
The trust problem is very easy if you have some form of ground truth to
reference. But no such ground truth exists.
--90e6ba475e4bee888704edd4cee3
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div class=3D"gmail_extra">Guido's scheme is very simi=
lar to the one I am planning to build in stage 2 of my system. In fact if h=
e wants to build his system he could use stage 1 of mine as a development p=
latform.
</div><div class=3D"gmail_extra"><br></div><div class=3D"gmail_extra">But I=
do think it is important to acknowledge one of the lessons we learned in s=
pam control: the bad guys will exploit every feedback channel.</div><div cl=
ass=3D"gmail_extra">
<br></div><div class=3D"gmail_extra">So when we are dealing with reports of=
violations of protocols we have to be ready for attackers making false com=
plaints. Many early spam blacklists that had 'zero tolerance' polic=
ies lost credibility very quickly as people would sign up for mailing lists=
for the purpose of reporting the source as a spammer. Some of the maliciou=
s reports were intended to sabotage political or commercial rivals. But qui=
te a few were made to discredit the lists themselves.</div>
<div class=3D"gmail_extra"><br></div><div class=3D"gmail_extra">The trust p=
roblem is very easy if you have some form of ground truth to reference. But=
no such ground truth exists.=A0</div></div>
--90e6ba475e4bee888704edd4cee3--
--===============5666132293389177321==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============5666132293389177321==--
