anti-*AOL plan* coalition

[David Farber <dave () farber net>]

Begin forwarded message:

From: Cindy Cohn <cindy () eff org>
Date: March 22, 2006 5:17:19 PM EST
To: Dave Farber <dave () farber net>
Subject: [IP] anti-*AOL plan* coalition

Hi Dave,

Dave Crocker, who I respect immensely, makes two key points, one that
I agree with and one that I must reject.

First, the rejection.  Dave asserts that it's improper for me,
personally, and apparently EFF, to voice any objection to any
proposal to try to respond to spam or phishing unless we also come up
with a complete solution to spam and phishing.  I reject that. In
fact, I hope we all will.  We should all be able to discuss, comment
upon, and yes, even criticize various proposals regardless of whether
we've got a complete solution in the bag. Commentary and criticism is
an important part of any market system.  I have no problem with  
criticism of what I say; I object strongly to a suggestion that I  
have no right to comment in the first instance.

Second, the agreement. I don't have a principled problem with the
creation of a "trust overlay" for email that identifies "good
actors," as long as it's objectively applied and not coercive. To
help ensure objectivity and prevent coercion, I agree very strongly
with Dave's point that if we're going to build this overlay, or maybe
many overlays, there should be lots of inputs. This is, in fact, one
of my strongest objections to what AOL is doing here, and part of
what I meant when I said that there are "plenty of ways to do
'certified' or 'digitally signed' email without having ISPs choose
winners and charge per message."

AOL is here choosing one input and one proprietary "trust overlay"
system -- Goodmail's -- and taking a financial cut of the money
earned from that overlay and input. My argument is that by doing so,
AOL is undermining the markets for both overlays and inputs, not
fostering it. AOL is also reducing their own incentives to rely on
other inputs, including their own whitelist and enhanced whitelist.

I believe that this will result in real pressure on senders to
join Goodmail's system or face not getting their messages through.
And if other ISPs follow suit, legitimate senders may be faced with  
having to
navigate (and pay for) several different systems, further increasing
their costs and hurting their ability to speak to a willing audience.

My concern is based in part on the observation that
AOL will reasonably seek to maximize its profits and minimize it's
costs. Pushing senders into Goodmail does both and that's why I'm
skeptical of AOL's claims that nothing will change for senders who
don't choose Goodmail. My concern is also based on my very real
experience with Bonded Sender. Here's a similar report from Bennett
Hazelton about his Peacefire mailing list:

http://channels.lockergnome.com/news/archives/
20060302_peacefire_joins_open_letter_slamming_aol_email_tax.phtml

Indeed, our main argument here isn't really about Goodmail as a
certification service at all. I do have concerns about whether  
Goodmail will in fact stop spam or phishing (they don't even claim to  
address spam), but that's a different matter.

My main concern here is about the risk that AOL
will undermine the market for some of the very things that Dave
suggests by choosing one proprietary system and pushing senders into  
it on pain of not having their messages delivered to AOL subscribers.  
I hope
this point isn't lost in the sturm and drang.

Cindy



On Mar 22, 2006, at 11:13 AM, David Farber wrote:

> Begin forwarded message:
>
> From: Dave Crocker <dcrocker () bbiw net>
> Date: March 22, 2006 10:31:20 AM EST
> To: dave () farber net
> Cc: ip () v2 listbox com
> Subject: Re: [IP] anti-Goodmail coalition resorts to misquotes
>
> >    The opposition to Goodmail's
> > scheme is not based on the idea that change is wrong, but rather
> that
> > this particular idea is flawed.
>
> Dave, et al,
>
> Unfortunately, the opposition to the announced scheme is not
> sufficiently careful or constructive to permit such a benign
> assessment.
>
> By way of example please consider Cindy Cohn's remarkably facile:
> > There are plenty of ways to do "certified" or "digitally signed"
> > email
> > without having ISPs choose winners and charge per message.
>
> Apparently Cindy has not noticed that spam and phishing have been
> with us for quite a long time.  To date, nothing has reduced its
> occurrence.  If the problem were so easy to fix, does she really
> think that we wouold already have fixed it?
>
> Indeed there are likely to be many different techniques that are
> useful. Schemes are easy to describe but they are extremely
> difficult to make practical and even more difficult to get
> adopted.  If it is so easy, Cindy, why haven't you promoted one and
> gotten it used?  It turns out that the world is full of anti-spam
> proposals that are not practical.  This has even prompted a
> whimsical-but-useful form to use, to explain why a proposal won't
> work.  Take a look at <http://craphound.com/spamsolutions.txt>.
>
> The announced scheme applies to a specific sub-set of email:
> Legitimate bulk email with a high requirement for assured delivery.
> The opposition effort has arbitrarily chosen to exaggerate this
> into dire predictions for which there is no basis.
>
> What was announced certainly describes an important change in email
> service, and email certainly is an important human communication
> tool. So it is of course reasonable to question the scheme and look
> for flaws and dangers.  However there is a difference between
> asking serious questions, versus resorting to rabid hyperbole and
> misrepresentation.
>
> Turning concerns into hysteria guarantees that serious public
> discussion about this important topic is impossible.
>
> More than a few people believe that spam and phishing are bad
> things.  These nasty uses of email occur in sufficient scale and
> with sufficient impact to affect the viability of email (and are
> expected to have similar effect on other services, like instant
> messaging.)  The Bad Actors who send the nasty messages have proven
> to be astonishingly creative and well-organized.  All the
> indications are that these problems are here to stay.  Indeed, if
> we look at the behavior of these Bad Actors and then look for
> similarities in the bricks-and-mortar world, we find that their
> behavior exactly mimics that of criminals.  As the Internet grew to
> encompass global scale and diversity, we should not have been
> surprised that the Dark Side appeared in cyberspace, along with
> everyone else.  We also therefore should not expect to fully
> eradicate it from cyberspace, any time soon. The most we can hope
> for is to reduce it to tolerable levels.
>
> How can we do that?
>
> So far, the primary technique has been with filtering at the
> receiver's service. (Some larger operators also apply filters on
> their outbound mail.) There are two problems with filtering:  One
> is that effective filters require constant vigilance and adaptation
> against new techniques; this is, effectively, an arms race with the
> usual implication of infinitely escalating consumption of
> resources.  The second problem is that filters are heuristics and
> therefore they make errors; the worst errors are false positives
> that lose legitimate mail. A problem with filtering at the receive-
> side of the equation is that failing to stop mail from Bad Actors
> at its source burdens the entire Internet with the considerable
> overhead of carrying and detecting the bad stuff.
>
> What we need are methods of exerting basic traffic quality control
> *at the source*. As Rich Kulawiec noted, some operators do do
> filtering at the source and some operators are quite effective at
> squelching questionable email. More should do so.  However the task
> is currently rather more difficult than Rich implies and it often
> is impossible.  For example, spammers use an army of compromised
> machines and can distribute their traffic to an extent that permits
> them to operate just under the thresholds imposed by operators, and
> they can otherwise tailor their traffic pattern to stay under
> operators' radar.
>
> So it is not enough to look only for Bad Actors.  We need to have a
> means of identifying and differentially handling Good Actors. We
> need to add a Trust Overlay to email, to focus on affirmative
> knowledge about Good Actors.
>
> This will identify authors and distributors of legitimate mail,
> through a chain of accountability back to the source. It needs to
> be based on a mechanism that is safe and reliable (e.g., using
> digital signatures) and it needs to support using a variety of
> assessment (reputation) mechanisms.
>
> These Good Actors can announce their accountability for specific
> pieces of mail, and the rest of the chain of email operators can
> make handling decisions based on that Actor's reputation. As solid
> accountability becomes possible, it becomes easier to identify
> where problem mail entered the handling chain and to squelch it at
> its source.
>
> Note, however, that I said *a variety* of sources of assessment
> will be available. We see that variety in the bricks-and-mortar
> world, and there is no reason to assume that the Internet should or
> will be different. Email is used in many ways.  A scheme that helps
> for one kind of use may well not be appropriate for others.
>
> There already are efforts underway in the standards arena and the
> commercial sector, to pursue the development of a trust overlay.
> The announced scheme adds to these efforts; it will not replace
> them. The announced scheme pertains to third-party assessment of
> senders of legitimate bulk mail for which delivery is critical.
>
> Messing with any social system warrants caution.  Email certainly
> qualifies as a social system. So concern about the implications of
> making changes to email is essential. There are certain to be
> appropriate limits for any single scheme that is developed as part
> of this trust overlay. I am confident that one example is that
> personal mail will require something different than assured-
> delivery bulk mail. I am equally confident there are others.
>
> It really would help quite a lot, to have those who are seriously
> concerned about the implications of change to put some effort into
> serious analysis and dialogue, rather than instantly jumping to
> polarizing hyperbole.
>
> Email is too important and too complex to be trivialized.
>
>
> d/
>
> p.s. I discuss much of this in more detail in a recent article in
> The Internet Protocol Journal, at <http://www.cisco.com/web/about/
> ac123/ac147/archived_issues/ipj_8-4/anti-spam_efforts.html>. The
> issue also has a related article by John Klensin.
>
> p.p.s. In the interest of full disclosure I should note that I am
> on the technical advisory board for Habeas, which is also in the
> reputation business. However, I do not speak for them.
> --
>
> Dave Crocker
> Brandenburg InternetWorking
> <http://bbiw.net>
>
>
> -------------------------------------
> You are subscribed as Cindy () eff org
> To manage your subscription, go to
>  http://v2.listbox.com/member/?listname=ip
>
> Archives at: http://www.interesting-people.org/archives/interesting-
> people/

********************************************************
Cindy Cohn                              ---- Cindy () eff org
Legal Director                  ---- www.eff.org
Electronic Frontier Foundation
454 Shotwell Street
San Francisco, CA 94110
(415) 436-9333 x108
(415) 436-9993 (fax)


_______________________________________________
badmail mailing list
badmail () eff org
https://falcon.eff.org/mailman/listinfo/badmail

********************************************************
Cindy Cohn                              ---- Cindy () eff org
Legal Director                  ---- www.eff.org
Electronic Frontier Foundation
454 Shotwell Street
San Francisco, CA 94110
(415) 436-9333 x108
(415) 436-9993 (fax)




-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/