Thread: RE: botnets: web servers, end-systems and Vint Cerf

RE: botnets: web servers, end-systems and Vint Cerf
United Kingdom
2007-02-19 09:32:26
> I look forward to your paper on "the end to end concept, and
> why it doesn't apply to email" ;)

Clearly the answer is that it never has applied to email in the past.
Hosts don't email each other, people do. People have always relied on
Internet postmaster services to enable Internet email. Given that we
have already thrown out the end-to-end concept from day one, why must we
maintain such a brain-dead flat architecture? People who wanted the
end-to-end concept used to use "talk" on UNIX and Windows popup messages
until recently. Now, even those people have shifted to a hierarchical
architecture of instant-messaging servers.

> I'm not convinced there is an email architecture problem of
> relevance to the discussion. People mistake a security problem for its
> most visible symptoms.

There is more than one security problem here. A well-thought-out email
architecture will only address one of those security problems.

> The SMTP based email system has many faults, but it seems
> only mildly stressed under the onslaught of millions of hosts
> attempting to subvert it.

It depends where you measure that stress. The decline of Internet email
mindshare in favour of IM and Web forums indicates to me that it is
severely stressed at the user level.

> We may need a trust system to deal with identity within the
> existing email architecture,

Bingo!

> but I see no reason why that need be hierarchical, indeed
> attempts to build such hierarchical systems have often failed
> to gather a critical mass, but peer to peer trust systems have
> worked fine for decades for highly sensitive types of data.

Peer-to-peer is a form of hierarchy. If you decide to trust X, Y, and Z
and also trust all the hosts that X, Y and Z trust, then you have a
trust hierarchy carved out of the peer-to-peer space. So if I trust AOL,
Earthlink and Verizon, and I also trust all those trusted by these
three, then you can't talk to my mail server until you arrange trust
with me, or with one of the three trusted mail systems. Fact is that the
email architecture does not include any form of trust and things like
Sender-ID and DKIM are only bandaids that don't solve the problem and
introduce additional insecurities.

Additionally, if we can introduce hierarchy into the mail flow, we also
introduce points at which cost-based models of spam prevention can be
tried. If you can pay a penny a message to guarantee that your mail gets
delivered quickly, bypassing any spam-filtering checkpoints, then that
is something that the majority of users would buy into and the money
provides grease for the wheels of the system, making it worthwhile to do
things like set up an email peering agreement.

Let's face it, the Internet of the early 90's is gone. It won't be
coming back either. The challenge now is to operate a network that is
capable of being *THE* global communications infrastructure. If the
public Internet doesn't adapt to this job, then other networks will
leverage the IETF's technology to do so.

--Michael Dillon


Re: botnets: web servers, end-systems and Vint Cerf
United States
2007-02-19 11:16:57


>> I look forward to your paper on "the end to end concept, and
>> why it doesn't apply to email" ;)

I think the problem here is that people invoke something they think
of as 'the end-to-end principle', but actually isn't.

from <http://web.mit.edu/Saltzer/www/publications/endtoend/endtoend.pdf>:

-----

  . . . functions placed at low levels of a system may be redundant
or of little value when compared with the cost of providing them at that
low level.

-----

*That* is the actual 'end-to-end principle'. The imposition of
hierarchy in application-layer email routing (or DNS infrastructure,
etc.) has nothing to do with the actual end-to-end principle, except
as a good example of honoring it.

-----------------------------------------------------------------------
Roland Dobbins <rdobbinscisco.com> // 408.527.6376 voice

           The telephone demands complete participation.

                       -- Marshall McLuhan


RE: botnets: web servers, end-systems and Vint Cerf
United Kingdom
2007-02-19 11:54:34
On Mon, 19 Feb 2007, michael.dillonbt.com wrote:
>
> Now, even those people have shifted to a hierarchical architecture of
> instant-messaging servers.

In what way is IM hierarchical? The commercial IM systems have a star
topology with a tightly controlled core and basically no inter-domain
federation, so I don't know why you claim they are hierarchical.
Jabber/XMPP has a mesh-of-stars topology which is the same as email's
modulo some simplifications (mainly owing to the lack of forwarding).

ISTR that you were arguing in favour of a chain-of-trust system for email
back in November on the IETF list. I pointed out that the architecture you
are proposing is essentially the same as inter-domain routing (IP & BGP)
and Usenet, and you failed to explain how your ideas would solve the
unwanted traffic problem for email given that the same architecture
doesn't solve the unwanted traffic problem for IP or NNTP.

http://www1.ietf.org/mail-archive/web/ietf/current/msg44467.html

Tony.
-- 
f.a.n.finch  <dotdotat.at>  http://dotat.at/
HUMBER THAMES DOVER WIGHT PORTLAND: SOUTHERLY 4 OR 5, OCCASIONALLY 6 IN
PORTLAND. SLIGHT OR MODERATE, OCCASIONALLY ROUGH IN PORTLAND. DRIZZLE THEN
RAIN. MODERATE OR GOOD.
