Personal Website of Yakov Shafranovich

2004: The Year That Promised Email Authentication

December 25, 2004 – 11:25 pm

(This article was published at Circle-ID)

As the year comes to a close, it is important to reflect on what has been one of the major actions in the anti-spam arena this year: the quest for email authentication. With email often called the “killer app” of the Internet, it is important to reflect on any major changes proposed, or implemented that can affect that basic tool that many of us has become to rely on in our daily lives. And, while many of the debates involved myriads of specialized mailing lists, standards organizations, conferences and even some government agencies, it is important for the FOSS community as well as the Internet community at large, to analyze and learn lessons from the events surrounding email authentication in 2004.
Read the rest of this entry »

Posted in Spam and Email | Comments Off

FTC, Microsoft and Sender-ID

November 9, 2004 – 8:38 pm

As FTC’s email authentication summit takes place today in Washington (together with IETF’s 61st meeting), several interesting things are afoot. First of all, the “industry” published a letter of support for Sender-ID including a signature from Meng Wong, the author of SPF. Declan McCullagh of CNET reported today on the issues surrounding the patent problems with Sender-ID and what took place at the summit. Meanwhile, PJ of Groklaw published two excellent articles on the whole mess (1 and 2).

Posted in Spam and Email | 1 Comment »

If you fail, try again

October 5, 2004 – 12:01 pm

Having failed to push Sender-ID through the IETF, Microsoft is trying again - through the Federal Government. William Leibzon an extract of Microsoft’s comments submitted to the FTC:

The test of whether Sender ID or any other proposed solution is an open standard is not Whether it has been ratified through an open consensus-based process, but rather whether the proposal can be widely adopted - indeed many successfull industry standards are not ratified by as standard-setting organization.

Another words, screw the IETF and the FOSS community, if the proprietary industry adopts it, its a standard. Of course, they conviently “forget” to mention the incompatability with the GPL and the fact that the biggest four MTAs on the Internet might be unable to use it.

The sad thing is that the deadline for the comments has already passed, and only 43 comments were submitted, some of which aren’t very helpful and some downright crazy (Larry Rosen’s comments are of particular interest). But of course, just like the RIAA, if you fail to reach your goals through normal channels, lobby the government; which appears to be the case here with Microsoft. It remains to be seen what will happen during the actual FTC/NIST summit which is scheduled to be held on November 9th and 10th, during the week of IETF’s 61st conference in DC.

Posted in Spam and Email | Comments Off

FTC to Hold Email Authentication Summit

September 27, 2004 – 11:22 am

FTC and NIST will be hosting an E-mail Authentication Summit on November 9th and 10th. Incidently this is the same week as IETF’s 61st conference and also in Washington. More information at the FTC and GrokLaw.

Of course the main question is whether Uncle Sam will mandate a specific standard.

Posted in Spam and Email | Comments Off