Re: Abstract of proposed Internet Draft for Best Current Practice (please comment)
On Fri, 7 Mar 2003, Dr. Jeffrey Race wrote:
Whether it is implemented is not my business. I am the doctor diagnosing the illness and prescribing the scientifically validated cure, and warning the patient of the quack remedies on the market. My job is done now (almost, I just have to reformat and submit as I-D, maybe a few more hours).
The problem is you're not defining a cure. You're defining rules for a quarantine. Quarantines work when you have a single, reliable, authoritative entity enforcing them...but when you allow people to decide if they want to respect the quarantine or not, it doesn't work. Unless there is some mechanism to enforce the respect of the quarantine you propose, beyond the supposed benefits of the quarantine, your proposal will not work. See, the benefits will never be universally accepted...most people would prefer a best-effort filtering solution that empowers the end-user to ultimately decide what they want to reject. Does that shift the cost to the receiving end? Yes. Is that better than preventing your customers from reaching large portions of the net? Most emphatically yes. If you look at it another way, why would an almost-tier 1 pay for transit? All it does is make them pay a price to be able to reach certain parts of the net. If losing money is such a motivator for stopping network abuse, your proposal would inherently link "the price of filtering" with "the price of being able to reach all of the net". Therefore, if people are willing to pay for transit, under the logic of your proposal, they should be willing to pay for filtering. Until people are perfect, filtering out the bullshit they spew will always be a technical band-aid for a social problem. The key is to push the decision making to the end-user, not to a central authority.
By way of background, I wrote a very famous book (War Comes to Long An) on a matter of transcendent national importance, in 1972. It also (by inference) prescribed some medicine. It got a lot of criticism at the time, but it is now the canonical analysis of that problem, used in universities and military/diplomatic training institutions worldwide. It took several years for this to happen. I know, from talks with friends in the White House, that MANY people are alive today who would be dead had I not spent three years of my life writing that book.
Unfortunately, writing a well-respected book about a peasant revolt in South Vietnam doesn't bring any free credibility to this arena. If nothing else, you should realize the inherent flaws in attempting to enforce rules (perceived to be unjust) on people who do not wish it.
I have spent three years developing this draft BCP. It is a cure, in fact the ONLY cure, for the spam menace. It will work. Whether people want to take the cure is up to you and your colleagues. I am just a drive-by spamming victim who got sick of the pointless debate and decided to analyse the problem based on what I know of technology and of human behavior (having studied both professionally; I am trained as a social scientist from a well-known institution in Cambridge Massachusetts but have spent most of my recent adult life in technology; I was in the Army signal corps before that). This is just a charitable effort on my part. I am not selling anything.
I also studied at a well-known institution in Cambridge, although I was more interested in beers, bongs, and bitches (no disrespect intended to women, that was just the saying...people will do anything for an alliteration). Anyway, I respect the effort and the intent. What I'm trying to convey is that the total and willfull ignorance toward practicality is your fatal flaw.
My apologies for the personal discussion which I would not ordinarily go into, but it is germane here so you all can understand I have no vested interest in pushing software or hardware. This effort is completely unrelated to my life work except in the sense that I am a spam victim.
No, we're painfully aware that you're an academic. That's actually the problem. If you were a hardware or software vendor, you might be proposing a solution that people can purchase and implement. You're proposing a radical paradigmatic shift of the way the internet works. The last paradigmatic shift that was actually implemented, that I can think of, was CIDR. And CIDR was _desperately_ needed, and universally accepted as THE solution.
There are lots of well-run networks that don't accept inbound spam and don't enable outgoing spam. Their customers are happy and they are making money.
Correct. And those networks don't use your methods.
Remember, it's a fine line. The network operators don't advocate abuse;
Some do and gain lots of revenue from it. See the sad truth at
<www.camblab.com/nugget/spam_03.pdf>
Surely, as an acadmeic, you realize the fault in citing your own papers (that haven't been rigorously investigated and upheld by the community) to prop up your own arguments? And unfortunately, there are serious flaws in the paper, far beyond the scope of what I'd care to get into. By far, most of what you attribute to malice would be more likely attributed to incompetence, to steal a quote from the brillliant .sig of somebody somewhere on one of these lists.
the business end of cash-desperate networks are the driving force in this industry, not us.
You have elegantly stated the Environmental Polluter business model: internalize the revenue streams from the customers, and externalize the losses imposed by spam-enabling actions and negligence.
GE used to work on that business model. They are no longer dumping effluents into the ground in Pittsfield Mass. This could happen to the Internet! (with your help--go for it!)
Except, nobody's health is affected by this...and the revenue impact is minimal also. Otherwise, that would have been the motivation to fix the problem long ago. Your propose to make the revenue impact much greater (through collateral damage), and I'm here to tell you that what you propose is the technical equivalent of cutting off one's nose to spite one's face. Andy xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Andy Dills 301-682-9972 Xecunet, LLC www.xecu.net xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Dialup * Webhosting * E-Commerce * High-Speed Access
participants (1)
-
Andy Dills