Slashdot Mirror

← Back to Stories (view on slashdot.org)

Revising the Internet Email Infrastructure

Posted by michael on from the starting-over dept.

Lauren Weinstein writes "People For Internet Responsibility (PFIR) today released a white paper aimed at starting discussion and work to fundamentally revamp Internet e-mail systems to control spam, forgeries, and a range of other problems, while empowering e-mail users rather than ISPs." Excellent start.

4 of 311 comments (clear)

  1. PGP by Richardsonke1 · · Score: 5, Informative

    Until this comes out, PGP is a great way to keep your email private and secure. It also deals with forged headers using email signing. MIT has a great client here

    --
    "Men lie."
    "Yeah, about sleeping with other women, but never about bioluminescent plankton."
    -Dan Brown
    1. Re:PGP by rtnz · · Score: 5, Informative

      I would suggest GnuPG, free as in free.

      GnuPG

  2. Site Quote by Anonymous Coward · · Score: 3, Informative

    PFIR - People For Internet Responsibility
    TRIPOLI Project Press Release
    May 8, 2003

    PFIR Home Page

    PFIR Announces the "TRIPOLI" Project

    A Call to Arms to the Internet and Open-Source Communities!
    It's Time to Secure E-Mail, Control Spam, and Empower E-Mail Users!

    People For Internet Responsibility (PFIR) co-founders Lauren Weinstein and Peter G. Neumann today called on the Internet and Open-Source Communities to consider a proposal for the most significant and far-reaching changes to e-mail systems since the creation of the Internet and its ancestor ARPANET more than 30 years ago.

    PFIR today released a white paper describing a proposed project to consider the implementation and deployment of widespread encryption, authentication, anti-spam, and other advances directly into the fundamental structure of Internet, intranet, and local e-mail systems.

    The "TRIPOLI" project overview paper located at:

    http://www.pfir.org/tripoli-overview

    describes the proposed new environment which focuses on ensuring that choices and power regarding e-mail are vested directly with e-mail users themselves, rather than with Internet Service Providers (ISPs) or government agencies.

    The changes described by the TRIPOLI proposal could be gradually implemented, largely based upon open-source software tools that already exist. Ultimately under TRIPOLI, the volumes of forgeries and spam (both received by users and traversing the Internet) would be drastically reduced, by default all e-mail would be encrypted, and e-mail users would have essentially complete control over how they individually choose to send and receive e-mail.

    "Current e-mail systems were not designed to deal with the kind of world we have today -- they've become a hopeless nightmare for users and ISPs alike," said Weinstein. "E-mail users are inundated with spam, forged mail, and other garbage, and unfortunately the actions many ISPs are taking to try control spam and other e-mail are shackling their honest customers with unreasonable restrictions and making matters even worse. Some of the proposed anti-spam laws may also exacerbate these problems without really controlling spam at all. Legitimate e-mail users need to be put back in the driver's seat, and there isn't a moment to lose."

    "These problems are getting more severe every day," said Neumann. "Not only are users and networks drowning under spam and other e-mail deficiencies, but basic matters of security and reliability on the Internet are being largely ignored under the current intolerable situation. These critical problems simply cannot be fixed without coordinated and major changes to the way e-mail is handled throughout the Internet. It's going to be a big job, but we have to get going on this right now."

    PFIR hopes that the TRIPOLI proposal can act as a starting point for discussion and implementation of systems to solve the many e-mail problems that exist today, in a manner that empowers users rather than unfairly restricting them. PFIR invites the participation of the open-source and Internet communities at large towards these crucial goals.

    Persons interested in participating or getting more information about the TRIPOLI project can send e-mail to:

    tripoli-info@pfir.org

    or use the contacts listed below.

    - - -

    CONTACTS:

    Lauren Weinstein
    lauren@pfir.org
    Co-Founder, PFIR - People For Internet Responsibility - http://www.pfir.org
    Moderator, PRIVACY Forum - http://www.vortex.com
    Member, ACM Committee on Computers and Public Policy
    http://www.pfir.org/lauren

    Peter G. Neumann
    neuma

  3. The Simple Solution... by radulovich · · Score: 3, Informative

    Is not to reinvent the protocol. Spammers will disappear if nobody reads their spam (because it will be too ineffective, even at a cheap price).

    The better solution is simple - let me rate the"trustworthiness" of the sender who sends me email and sort it appropriately. I can add all my family and friends to the "explicitly trusted" list. Then, the server can allow for an option such as "possibly trusted", which might include all emails from the same domain I'm in, or from domains I specify (e.g. *@mit.edu).

    All other email will be tagged as "untrusted". Now, I can set my email browser to color code them, simply ignore them, or set a rule for each category. Yahoo! already does this, showing a smiley face with the emails that come from people in my address book

    This can be done simply, and without rewriting any protocols. Beware people who want to reinvent the wheel to gain profit when there is no need. "Pit certification" is unnecessary, and too costly.

    -Mark Radulovich, CISSP