On Apr 13, 2008, at 5:36 PM, Edward B. DREGER wrote:
Bottom line first:
We need OOB metadata ("trust/distrust") information exchange that scales better than the current O(N^2) nonsense, yet is not PKI.
Not sure why PKI should be excluded, but, so far, this is too abstract to know what the question is...
And now, the details... which ended up longer reading than I intended. My apologies. As Mark Twain said, "I didn't have time to write a short letter, so I wrote a long one instead." :-)
When it comes to establishing trust:
* The current SMTP model is O(N^2);
I don't see SMTP as even a "trust" model since there's pretty much nothing trustworthy in SMTP.
* I posit that the current IP networking model is sub-O(N);
Again, I'm not seeing IP as a trust model, but, YMMV.
* PKI models are pretty much O(1).
Polynomial-order just doesn't scale well. It's mathematical fact, and particularly painful when the independent variable is still increasing quickly.
Sure.
Many operators seem to reject PKI as "power in too few hands". I'll not disagree with that.
Depends on the PKI. For example, the PGP/GPG Web of Trust concept pretty much lets each individual build their own trust model to whatever O(x) they choose where greater values of x require more effort and also provide greater security/trust granularity and lower values of x involve greater trust of others that you claim you can trust and less direct effort on your part.
Let's also draw upon operational lessons from a couple old-timers. I recall using a critter known as "NNTP". And once upon a time, before my days on the Internet, lived a funny little beast called "UUCP".
I remember UUCP. It was pretty much O(n^2).
We track email quality from all mailservers that hit us. I can whip up a list of MXes/organizations that I'm willing to "trust" -- and let's leave that term imprecisely-defined for now.
Uh, OK. Starting to understand what the question might be aiming towards.
Here's what I propose:
Establish a "distrust protocol". Let path weight be "distrust". The "trust path" is of secondary importance to "path weight", although not completely irrelevant. SMTP endpoint not in graph? Fine; have some default behavior.
Let _trust_ be semi-transitive, a la BGP -- a technology that we know, understand, and at least sort of trust to run this crazy, giant network that dwarfs even a 50M-user provider.
Let actual _content_ still be end-to-end, so that we do not simply reincarnate NNTP or UUCP.
Now I'm lost again. You've mixed so many different metaphors from interdomain routing to distance-vector computaton to store-and-forward that I simply don't understand what you are proposing or how one could begin to approach implementing it or what problem you seem to think it solves (although it sort of seems like you're wanting to attack the trustworthiness of email to battle SPAM through some mechanism that depends only on the level of trust for the (source, arrival path) tuple from whence it came. What am I missing? Owen