
Re: Authentication and email



At 8:09 PM +0200 2/8/03, Gonzalo Camarillo wrote:
> Once you can authenticate a user, the spammer needs to really subscribe
> to the mailing list in order to send SPAM. Right now, using a forged
> From field is enough. No subscription needed.

Of course. But you are ignoring the contrapositive: no one can post
to an IETF mailing list without using S/MIME. You can't post from any
of the current Web-based mail systems. You can't post from a kiosk. You
can't post from a new computer until you have copied your S/MIME keys
to the new system (and we all know how easy that is, don't we?).

Does that serve the IETF well? Is the cost worth the benefit? Are
there other ways that reach the benefit that have different costs?

> And even if you believe that authentication of users buys you nothing
> regarding SPAM prevention, at least we would be *implementing* security
> in the IETF mailing lists, which was Dean's original argument.

Why? What transpires on IETF lists that needs any security? If some
people want to sign their messages, they can do that (and often do).
What you are proposing forces everyone to use security for no stated
value.

> Any user agent that can send instant messages using SIP, MUST implement
> S/MIME... if we believe that it is acceptable to send emails to the IETF
> mailing lists without using any kind of security, why do we mandate
> S/MIME for instant messages? That was the issue Dean was talking about.
> 3GPP was strongly opposed to that MUST S/MIME, but we insisted that it
> had to be in the spec.

Ah, now *there's* a topic worthy of IETF-wide discussion! Where was
the security needed? What are the attack scenarios? Could it have
been implemented optionally, like we have in mail?

--Paul Hoffman, Director
--Internet Mail Consortium