From: "Dave Crocker"
A flag day is not possible for changing the infrastructure of any network operation that is large. Even when there is a single authority, service operators cannot perform a conversion "instantly".
That is true. However, there comes a day when enough people are implementing a technology that one can make the decision to flip the switch on their network. While there is no single authority, I'd be happy with US- and European-based authorities for their respective companies. This would allow for monitoring and filtering of a large portion of netspace. I'd even be happy if whois data was enforced to be accurate again. 555-5555 is not a valid phone number, the last time I checked, yet it's listed all over whois information. Not all ISPs are being forced to handle their IP allocation records properly, and the ISP doesn't take responsibility for the complaints and issues. Perhaps a little more policing and withdrawals from our various registrars would at least help make things more manageable. When does a /18 that has client entities on it still maintain only the initial ARIN whois data?
ps. Please note that there is still no large-scale use of certificates, although the technology for them has existed for years. Therefore it is important to be very conservative, when specifying a system behavior that depends upon their use.
MTA certificates are unreliable in an "I do not trust this organization" setup at this time. If they were reliable in such a setup, people would adopt them more readily. The reason why there is identity theft is because we don't enforce identities on the network. Do you have to send in business letterhead or proof of incorporation when registering many of the "identities" available? No one wants the responsibility, and until we build the social structure into the technical structure, we will always find our network abused.

-Jack