|
FTC Email Authentication Summit and Sender ID |
|
Tuesday, November 09 2004 @ 03:16 AM EST
|
It looks like Sender ID is being pushed in a big way tomorrow at the FTC hearings on email authentication. There will be phone lines open, first come, first serve for the public who are unable to attend in person. The hearing itself is also open to the public on a walk-in basis. Here's more info from the FTC's website:
Phone lines will be available on a first come, first serve basis to members of the public who are unable to attend
the summit in person.
Call-in Information
Date: 11/9/2004
Start Time: 8:30:00 AM
Phone Number: 800-720-5850
Chairperson: Bruce Jennings
Confirmation No. :27530905
Date: 11/10/2004
Start Time: 8:30:00 AM
Phone Number: 800-720-5850
Chairperson: Bruce Jennings
Confirmation No.: 27531336
There will be an email address monitored during the summit for members of the public who wish to email questions to panelists. Information about the email address will be available on the day of the summit.
And here is the list of companies and individuals who have hopped on the Sender ID bandwagon. Some of them may not realize that there is an issue about the GPL. Amazon, for example, runs its business on GNU/Linux systems.
You can read some of the comments submitted by the public on this page. They are all PDFs. Here's a bit from one: Relying upon any single vendor or a national mandated approach will faiL. The degree of global acceptance and adoption required to eliminate the 'spam' and viral infection problems is 99.99999%. No solution that only works on one type of operating system/platform version will adequately solve the problem. Solutions should easily work on all types of client and server computers running e-mail client and server software: Unix, Microsoft Windows, Macintosh, Linux, PDAs, web-enabled phones, etc. The optimal solutions would likely come from the Free and Open Software community since they already write the software powering 70% of internet servers. And another: The Microsoft proposal, with its 'poison pill' against the GPL, is a good example of a VERY bad idea that must be rejected. All such attempts to 'monetize' the internet's email system by any party must be avoided. If the U.S.A chooses to attempt to force such a system, the likelyhood is that some non-trivial percentage of the world (including those inside the USA) will NOT adopt the system, thus either making it impossible for folks on one side to send email to folks on the other, OR there will be email gateways - which will end up gatewaying spam (and completely voiding all possible benefits of the system!). From EFF: Any Internet standard, including any for email server authentication will have to be compatible with open source software licenses and cannot be burdened by intellectual property claims such as patents. According to a study done by Oan Bernstein(http://cr. to/surveys/smtpsoftware6.txt), open source software accounts for the majority of Simple Mail Transfer Protocol (SMTP) servers on the Internet. According to Yakov Shafranovich, a co-founder and software architect with Solid Matrix Technologies, Inc., and former co-chair of the Anti-Spam Research Group (ASRG) of the Internet Research Task Force (lRTF): lt is well known that free and open source software collectively called 'FOSS' runs majority of the Internet architecture: Linux, Apache BINO, sendmail, OpenSSL and others have significant if not most of the market share in their respective categories. On the other hand majority of the desktop market is dominated by commercial software, a major part of which is either made or sold by Microsoft. This is even more expressed in the email market than other categories: the biggest four software packages used for email servers today are qmail, send mail postfix and exim, all of which are FOSS (although some dispute that regarding qmail). (http://ww.circleid.com/article/732 - C/ Here's a snip from David Wheeler's letter: * NIST should urge lawmakers to make spam illegal, so that technological measures will have legal standing. Authentication has little anti-spam value without it. * NIST should insist that any anti-spam technical standard must be implementable by all suppliers of email infrastructure, both proprietary and open source software. . . .
Businesses must be able to accept emails from strangers; it's how they get new business. Home users must usually accept emails from long-lost people they knew from years ago. It's not practical to only accept email from previously known email addresses. Thus, a spammer can create a new address for every message, each of which can be authenticated. And as noted in the Register, spammers now take over user's machines, and thus they can send email as that user (and could authenicate themselves, too).
This doesn't mean that authentication is useless. Authentication is useful in its own right, especially for countering phishing attacks, and for eliminating false "bounce" messages from forged email. And authentication, when combined with other anti-spam technology, could have a very slight impact on spam in the short term. But unless there are laws forbidding spam, that permit civil suits and recovery of damages against spammers, then the technological measures will not be very effective. Microsoft is encumbering its proposal with what it calls its "Royalty Free Sender ID Patent License." Novices might see no problems with this, but this is simply not a reasonable proposal. As the careful analysis of Mark Shewmaker (http://ww.imc.org/ietf-mxcomp/mail-archive/msg03514.html) and others shows, this license is extremely discriminatory: it is essentially incompatible with open source software (OSS). Since vast amount of the mail infrastructure is implemented with ass, this is unreasonable and extremely discriminatory. For example, the Apache Software Foundation (ASF) announced that it couldn't support Sender-ID, at: http://ww.apache.org/foundation/docs/sender-id-position.htm I This is important since ASF releases the widely-used SpamAssassin (as well as the Apache web server). Any authentication system MUST be implementable by all major systems. This means that it must be implementable by all open-source and proprietary systems. Mere public specification is not enough; systems must be IMPLEMENTABLE to be useful, and that includes terms that permit widespread implementation by all relevant parties. And finally, Microsoft: Technology alone, however, will not solve this problem. A holistic approach that also includes industry collaboration, legislation, enforcement, and education is necessary to shift the burden from the user to the spammer, resulting in an increase in the reliability of e-mail and of the Internet. This approach also requires that any proposed authentication standard be supported on a global basis, because spam transcends and traverses national borders. Collectively, these measures will help to substantially reduce the amount of junk e-mail delivered to users' mailboxes and optimize users' overall online experience. See, that's just the problem. The Internet runs on FOSS and increasing numbers of individuals, businesses and government agencies prefer to use Linux, and by choosing a license that excludes all those folks, Sender ID, by Microsoft's own logic, won't work. Of course, Microsoft has thought of that and they have a plan: Sender ID also requires modest changes to the e-mail software used by sending servers in certain situations -- mainly to those servers that perform e-mail forwarding. As more and more organizations adopt e-mail authentication techniques, pressure will mount on those who are not participating, because their e-mail will be subjected to greater scrutiny and will be at a greater risk of being blocked by spam filters. Thus, over time, upgrades to existing software will become necessary. Devilish indeed. But I urge you to read the section on Intellectual Property, beginning on page 8. Their version of what happened with the Internet Engineering Task Force (IETF) is something to behold. It begins like this: Open Standard. Any authentication system requires cooperation between senders and recipients of e-mail. For that reason, we believe that specifications for these systems must be publicly available and widely implemented -- which is why our Sender ID specifications have been published as Internet Drafts at the Internet Engineering Task Force ("IETF"). A technical interoperability specification is an open standard when it has been ratified in an open, consensus-based process. . . . The Sender ID Framework satisfies these conditions because its specifications are published by the IETF, and because the essential intellectual property rights disclosed to the IETF have been made available on reasonable and non-discriminatory terms that are also free of royalties and other fees. That is clearly false, as the license attaches terms that preclude its use with any GPL software. They do mention that the IETF working group "has not reached consensus on the proposal and has suspended its work for now -- a decision which is being appealed -- but the disclosure of intellectual property rights to IETF and its publication of Sender ID Framework specifications endures and thereby satisfies the conditions for an open standard." They say the test isn't whether a solution is an open standard isn't whether it has been ratified "through an open-consensus based process", but whether the solution "can be widely adopted. . ." Not a word that I can see in their letter about the GPL conflict. This kind of doubletalk is beyond my heart's comprehension. And here's a scary sentence about the Sender ID license:
"The terms of this license can be accepted by anyone at any time, now or in the future, and will extend to all of Microsoft's essential patent rights needed to implement Sender ID -- not just the essential patent rights that could issue from these patent applications. . . . although this license does not cover other patent rights that might be owned or controlled by parties other than Microsoft and that may be needed to make, use or sell implementations of Sender ID . . . "
By the way, this is what Microsoft's words look like if you copy and paste them, so I had to hand type them:
'l:'chnoiogy ",1011_ 11owt'-v.;r, vì1 not ~wivi.~ this prob1em. A holi~tit appiwJdi that "i1so incl1tdes industry coJiaboratio):, kgislaiiüt1, üHfürçem~l1t, and education is necess::ry to shift the burden i1'om ~he user to the sp;,nw:wr, n::sii1Üng În an increase in lhi; rdiahilit:" of e--rnai¡ and of the TntemeLThis appwadi "iko requ:res that any propo~1ed mdientieition :"Ümdardbe supported on a global basis, hteaw3i; spam tn.mseends and traver~:;es national bün.:kn:" Cü!kctivdy" i.hese measures wH1 help to sl,bsLmUally redlice Now, Groklaw is nonpolitical, and I'm not one to be telling the FTC or any government agency what to do, but you could be a child and see that Microsoft's definition of open standards is ludicrous. Ludicrous and dangerous. It looks to me like Sender ID is just another way to set up conditions to hold back Microsoft's principal competition. They intend that non-Sender ID email will over time become so annoying that we all finally acquiesce and sign their poison pill license. What is the difference between that strategy and Microsoft's tried-and-true anticompetitive trick of arranging it technically so that competitors' applications don't work well in a Windows environment? And while we are on the subject of anticompetitive moves, you'll find this article instructive, I think. It gives more detail about the Novell-Microsoft litigation, particularly why Microsoft wasn't willing to settle that claim without litigation, and also reveals that Microsoft just settled with another organization: In a separate settlement announced yesterday, Microsoft said it will join the Computer & Communications Industry Association (CCIA), the trade group that has fiercely opposed it for years and was its main challenger in European courts. At the same time, the group agreed to withdraw its complaint against the company in Europe.
"We and other companies in our industry do have the capacity now to sit down face to face and resolve the kinds of thorny antitrust issues that in the past were left to the government to resolve," said Microsoft General Counsel Brad Smith. The CCIA's complaint, according to Microsoft, was "a principal obstacle to our ability to negotiate a settlement" with European Union regulators in March. Some money is being paid to CCIA for their legal expenses. Ed Black, president and chief executive of CCIA, says "we're going to continue our effort in open-source and copyright and patent areas." Microsoft, in the article, tries to portray RealNetworks as standing alone now against them. A spokesman for RealNetworks is quoted as saying, "Microsoft's payments to Novell and CCIA do not change the anticompetitive conduct condemned by the European Commission."
|
|
Authored by: attila_the_pun on Tuesday, November 09 2004 @ 05:08 AM EST |
Starting with
s/sidely/widely/[ Reply to This | # ]
|
- aSS->OSS and ass->oss (n/t) - Authored by: Anni on Tuesday, November 09 2004 @ 05:17 AM EST
- authenicate -> authenticate - Authored by: moonbroth on Tuesday, November 09 2004 @ 06:10 AM EST
- Corrections here please - Authored by: farnz on Tuesday, November 09 2004 @ 06:14 AM EST
- Corrections here please - Authored by: Anonymous on Tuesday, November 09 2004 @ 06:37 AM EST
- with ass?? - Authored by: Anonymous on Tuesday, November 09 2004 @ 07:29 AM EST
- s/cr.to/cr.yp.to/ - Authored by: Anonymous on Tuesday, November 09 2004 @ 08:08 AM EST
- s/cr.to/cr.yp.to/ - Authored by: Anonymous on Tuesday, November 09 2004 @ 10:48 AM EST
- Corrections to the links in the article above... - Authored by: Groklaw Lurker on Tuesday, November 09 2004 @ 10:34 AM EST
- Corrections here please - Authored by: Anonymous on Tuesday, November 09 2004 @ 11:03 AM EST
- Corrections here please - Authored by: red floyd on Tuesday, November 09 2004 @ 11:45 AM EST
- What I _ACTUALLY_ said... - Authored by: dwheeler on Tuesday, November 09 2004 @ 05:08 PM EST
- ww.imc.org/ietf-mxcomp/mail-archive/msg03514.html - Authored by: Anonymous on Tuesday, November 09 2004 @ 07:33 PM EST
- Corrections here please - Authored by: Anonymous on Saturday, November 13 2004 @ 02:20 PM EST
|
Authored by: Anonymous on Tuesday, November 09 2004 @ 05:16 AM EST |
Do nothing?
Wait for a FOSS solution? When's that going to appear?
Really, to an impartial observer, this all sounds very negative and
anti-Microsoft. They have a partial solution, they're trying to make it it
available to anyone who wants to use it. Slapping them in the face doesn't look
like the act of a reasonable person, unless an alternative is provided.
What's it to be?[ Reply to This | # ]
|
- So, what's the alternative? - Authored by: Anonymous on Tuesday, November 09 2004 @ 05:20 AM EST
- So, what's the alternative? - Authored by: PJ on Tuesday, November 09 2004 @ 05:35 AM EST
- So, what's the alternative? - Authored by: PJ on Tuesday, November 09 2004 @ 05:37 AM EST
- So, what's the alternative? - Authored by: Anonymous on Tuesday, November 09 2004 @ 05:52 AM EST
- I disagree with the parent. - Authored by: Anonymous on Tuesday, November 09 2004 @ 06:19 AM EST
- So, what's the alternative? - Authored by: PJ on Tuesday, November 09 2004 @ 07:09 AM EST
- So, what's the alternative? - Authored by: eggplant37 on Tuesday, November 09 2004 @ 07:20 AM EST
- So, what's the alternative? - Authored by: Anonymous on Tuesday, November 09 2004 @ 07:42 AM EST
- So, what's the alternative? - Authored by: Steve Martin on Tuesday, November 09 2004 @ 08:09 AM EST
- So, what's the alternative? - Authored by: Tyro on Tuesday, November 09 2004 @ 01:30 PM EST
- Link problem - Authored by: bbaston on Tuesday, November 09 2004 @ 08:52 AM EST
- So, what's the alternative? - Authored by: Anonymous on Tuesday, November 09 2004 @ 05:37 AM EST
- So, what's the alternative? - Authored by: Anonymous on Tuesday, November 09 2004 @ 05:46 AM EST
- So, what's the alternative? - Authored by: Anonymous on Tuesday, November 09 2004 @ 06:10 AM EST
- So, what's the alternative? - Authored by: moonbroth on Tuesday, November 09 2004 @ 06:20 AM EST
- The alternative is *NOT* Microsoft's Sender ID Framework solution - Authored by: eggplant37 on Tuesday, November 09 2004 @ 07:01 AM EST
- So, what's the alternative? - Authored by: Latesigner on Tuesday, November 09 2004 @ 07:06 AM EST
- So, what's the alternative? - Authored by: darthaggie on Tuesday, November 09 2004 @ 08:33 AM EST
- So, what's the alternative? - Authored by: pscottdv on Tuesday, November 09 2004 @ 10:31 AM EST
- So, what's the alternative? - Authored by: Groklaw Lurker on Tuesday, November 09 2004 @ 11:01 AM EST
- We could ban Microsoft systems from the Internet for starters.... - Authored by: artp on Tuesday, November 09 2004 @ 11:43 AM EST
- So, what's the alternative? - Authored by: eric76 on Tuesday, November 09 2004 @ 12:21 PM EST
- "Good enough" never is. - Authored by: manys on Tuesday, November 09 2004 @ 12:29 PM EST
- It's another M$ trap... - Authored by: eckenheimer on Tuesday, November 09 2004 @ 01:36 PM EST
- SPF Is the alternative - Authored by: kitterma on Tuesday, November 09 2004 @ 02:16 PM EST
- So, what's the alternative? - Authored by: Anonymous on Tuesday, November 09 2004 @ 02:52 PM EST
- grounds for another anticompetitive lawsuite. - Authored by: Franki on Tuesday, November 09 2004 @ 03:36 PM EST
- A true solution to the spam problem - Authored by: nb on Tuesday, November 09 2004 @ 05:22 PM EST
- So, what's the alternative? - Authored by: blacklight on Tuesday, November 09 2004 @ 07:05 PM EST
- So, what's the alternative? - Authored by: Anonymous on Tuesday, November 09 2004 @ 08:23 PM EST
|
Authored by: Anonymous on Tuesday, November 09 2004 @ 05:18 AM EST |
embrace, extend, extinguish.
sound familiar?[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, November 09 2004 @ 05:18 AM EST |
PJ, can we copy and paste your story and send it?
You really have done a fine piece of writing here again, what if we all sent in
a flood of the exact same to them?
Does this make sense?
[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, November 09 2004 @ 05:19 AM EST |
Microsoft's score sheet vs Open Source
Security: LOST
Performance: LOST
Efficiency: LOST
Reliability: LOST
Cost: LOST
So they are now fighting on the on last
font available to them: Marketing and
legal mumbo-jumbo.
As we already know, Gates can't cope with a
proper toe-to-toe fight in the market place
so he hides behind legions of lawyers.
This is a big problem because Microsoft is now
so bug that it simply can't be stoped. Here in
the EU we fined them 0.5Bn and MS' response was
simple:
Q1: how much to comply?
A1: 0.5Bn
Q2: how much to hire 10 lawyers for 10 years?
A2: 0.1Bn
It's a no-brainer for MS. They can earn more than
that from INTEREST on the 0.5Bn they are not going
to hand over.
The company HAS to be broken up. And on a fast-track
basis too. Period. End of story.
[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, November 09 2004 @ 05:19 AM EST |
It's not clear why that sentence is scary. As I interpet it, it means that you
have a license to all Microsoft's patents that involve SenderID, even those that
are not explicitly stated. You don't have a license to patents needed that are
held by other parties. This seems pretty standard language. Microsoft seems
unlikely to be able to grant you a license to other companies' patents. (If
they could, wouldn't that be scarier?)
[ Reply to This | # ]
|
|
Authored by: Jeff on Tuesday, November 09 2004 @ 06:28 AM EST |
Why is the FTC even involved in this? The Internet is not the sole property of
the US and even if it was, I don't see how the FTC becomes the agency to do it.
In the end, I see this failing. Most mail servers do not run Microsoft products
(which is a good thing given their record of building faulty software).[ Reply to This | # ]
|
- Why - Authored by: PJ on Tuesday, November 09 2004 @ 07:18 AM EST
- Why - Authored by: John Hasler on Tuesday, November 09 2004 @ 01:28 PM EST
|
Authored by: N. on Tuesday, November 09 2004 @ 06:36 AM EST |
http://www.firefox.com/
I still have the same problems with Amazon et al, but I've nailed down the
problem - for some reason Firefox doesn't like logging into anything using a
secure server ("irony" doesn't begin to describe this feature...). Try
logging into Amazon.co.uk, for instance.
However, logging in via the standard server works fine - will have to watch out
for that option on the other sites I use, but I'm not sure that every other site
offers a choice between secure and standard servers.
Just went onto the Firefox website to see what I can do to change this and was
presented to page upon page of instructions - far too much text to read for most
people, including me, so much so that I'm now tempted to leave it to someone
else to sort out. All that text needs to be condensed to half a screen of text.
---
N.
(Recent [well, since mid-2003] convert to Linux)[ Reply to This | # ]
|
- Firefox.com, mozilla.org & spreadfirefox.com down due to excessive load (n/t) - Authored by: Anonymous on Tuesday, November 09 2004 @ 06:55 AM EST
- OT - Firefox 1.0 now out - Authored by: Anonymous on Tuesday, November 09 2004 @ 06:57 AM EST
- OT - Firefox 1.0 now out - Authored by: feldegast on Tuesday, November 09 2004 @ 08:02 AM EST
- OT - Firefox 1.0 now out - Authored by: Steve Martin on Tuesday, November 09 2004 @ 08:21 AM EST
- OT - Firefox 1.0 now out - Authored by: Greebo on Tuesday, November 09 2004 @ 08:51 AM EST
- OT - Firefox 1.0 now out - Authored by: Anonymous on Tuesday, November 09 2004 @ 09:02 AM EST
- OT - Netscape 7.2 Works fine on Amazon - Authored by: Anonymous on Tuesday, November 09 2004 @ 09:29 AM EST
- OT - Firefox 1.0 now out - Authored by: johnzap on Tuesday, November 09 2004 @ 10:14 AM EST
- I've logged into plenty of secure sites - Authored by: Anonymous on Tuesday, November 09 2004 @ 10:23 AM EST
- It's so much more responsive, no!? - Authored by: Anonymous on Tuesday, November 09 2004 @ 01:15 PM EST
- OT - Firefox 1.0 now out - Authored by: oldgreybeard on Tuesday, November 09 2004 @ 02:18 PM EST
- OT - Firefox 1.0 now out - and some Mangle tool exploits fixed - Authored by: WojtekPod on Tuesday, November 09 2004 @ 03:19 PM EST
|
Authored by: Anonymous on Tuesday, November 09 2004 @ 06:55 AM EST |
PJ, what is the possibility of you writing up a single letter to send to the FTC
and allowing those that wish to do so, post their signatures in support of this
letter? I'm thinking of something similar to the Open Letter by Groklaw to SCOG.
Yes I know that you do not try to get involved with polotics but I believe in
this case that something should be said and done. Unfortunately the speed with
which something needs to be put together on this is too short of a time for me
personally to write anything myself without being totally an emotional appeal
instead of a well informed opinion. [ Reply to This | # ]
|
|
Authored by: Jude on Tuesday, November 09 2004 @ 07:06 AM EST |
If Microsoft's intention is that anyone be able to use SenderID without paying
royalties, then what purpose is served by requiring a license from Microsoft?
The issuing of licenses will cost Microsoft money, and no return can be expected
on this investment.
The only reason I can think of for requiring a license is that doing so gives
Microsoft the power to deny a license. I submit that Sender ID is not an open
standard if Microsoft reserves the right to decide who may use it.
[ Reply to This | # ]
|
|
Authored by: Nick_UK on Tuesday, November 09 2004 @ 07:16 AM EST |
I just thought I would point out that the company 'Sendmail' on the 'opt-in'
list is not the Open Source Sendmail MTA, which can be found here http://www.sendmail.org/ and not
sendmail.com which is the other one mentioned.
Nick[ Reply to This | # ]
|
|
Authored by: Sunny Penguin on Tuesday, November 09 2004 @ 08:19 AM EST |
The online vigilante approach to spammers seems to work.
Signing them up for lots of real world mail items they do not want.
The NSA could help find them <evil grin>
---
Just Say No to Caldera/SCO/USL/?
[ Reply to This | # ]
|
- How misguided! - Authored by: artp on Tuesday, November 09 2004 @ 11:52 AM EST
- How misguided! - Authored by: Anonymous on Tuesday, November 09 2004 @ 08:32 PM EST
|
Authored by: bap on Tuesday, November 09 2004 @ 08:24 AM EST |
A couple years ago the FTC held a spam summit. They had a company video tape
the summit and copies of the videos were available for sale afterwards.
Somebody who bought a set of the tapes lent them to me so I could create mpegs
of them, and they've been available on my website ever since. If they
again video tape this summit and somebody gets a copy of the tapes I'd be more
than happy to do the same with these tapes. If you get a set of these tapes and
are willing to send them to me for a week or so please get in touch with
me.
-Bruce[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, November 09 2004 @ 08:37 AM EST |
FTC is short for 'Federal Trade Commision'; they have no say outside of USA. I
honestly think that Internet issues should be resolved in an international
forum. US Internet users make up less than 10% of the total, and the growth will
be in the developing world.
[ Reply to This | # ]
|
|
Authored by: Jude on Tuesday, November 09 2004 @ 09:06 AM EST |
I finally found the email address where comments should be sent.
It's in a
press release about the event, which can be found at:
FTC, NIST to Host E-mail
Authentication Summit
I'd feel uncomfortable if I posted the email
address itself, and the text
says that submissions must adhere to certain
requirements.
This can be
found in the paragraph under the bold
heading
The Commission vote to publish the Federal Register Notice was
4-0-1 with Commissioner Jon Leibowitz not participating.
[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, November 09 2004 @ 09:11 AM EST |
Anyone heard of this study/group?? Any details?? Its from a pro MS site but
still its worth looking into: Here is the link
http://www.windowsitpro.com/windowspaulthurrott/Ar
ticle/ArticleID/44398/windowspaulthurrott_44398.html [ Reply to This | # ]
|
|
Authored by: Mecha on Tuesday, November 09 2004 @ 09:16 AM EST |
Sender ID also requires modest changes to the e-mail software used by
sending servers in certain situations -- mainly to those servers that perform
e-mail forwarding. (In other words, modest changes means dumping your
postfix/sendmail servers for Exchange, especially to those that perform e-mail
forwarding.)
As more and more organizations adopt e-mail authentication
techniques, pressure will mount on those who are not participating, because
their e-mail will be subjected to greater scrutiny and will be at a greater risk
of being blocked by spam filters. Thus, over time, upgrades to existing software
will become necessary.
(In otherwards, as we force everyone on to
SenderIP by making it a patch to all of our Outlook/Outlook Express clients, all
of the postfix/sendmail servers that are on the net will be forced to upgrade.
Since SenderIP is not compatible with these systems, the recommended upgrade is
to a server system that does support it - Exchange.)
--- LINUX!
Because Microsoft should have no business in your business! [ Reply to This | # ]
|
|
Authored by: Atticus on Tuesday, November 09 2004 @ 09:22 AM EST |
And here is the list of companies and individuals who have hopped on the
Sender ID bandwagon. Some of them may not realize that there is an issue about
the GPL. Amazon, for example, runs its business on GNU/Linux
systems.
I find it interesting that The Open Group is on the list
of supporters; they include such member companies as Red Hat and SuSE. What
are they thinking?
--- --
-Atticus (who is not a lawyer :-) aka Mike Schwager)
[ Reply to This | # ]
|
|
Authored by: eggplant37 on Tuesday, November 09 2004 @ 09:38 AM EST |
I tried to send a comment this morning to the address identified on the FTC's
page regarding the panel happening at this moment, emailsummit_nov4@ftc.gov.
Sadly, it's not working; any attempt is rejected with "550 5.1.1 User
unknown." Any attempt to try variations on the address, such as
emailsummit_nov9@ftc.gov or emailsummit@ftc.gov also fail.
Nice to see that they're on top of this.[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, November 09 2004 @ 10:17 AM EST |
> the essential intellectual property rights disclosed to the IETF have been
made available on reasonable and non-discriminatory terms
Hey Microsoft, you might want to look up the recent FTC actions in the _Unocal_
case. Misrepresentations to a government agency, when used to anticompetitive
effect, are a Sherman Act no-no as far as the FTC is concerned.
The silver lining is, as a user of email I'll probably have standing to join a
class action...
[ Reply to This | # ]
|
|
Authored by: Groklaw Lurker on Tuesday, November 09 2004 @ 11:05 AM EST |
I used to have a bumper sticker from the 'The Linux Journal' that read:
"In a world without fences, who needs GATES?"
It so perfectly sums up the whole SenderID thing...
---
(GL) Groklaw Lurker
End the tyranny, abolish software patents.[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, November 09 2004 @ 11:12 AM EST |
Can someone please explain why an ordinary person like me, should be affraid of
seeing Microsoft validating its sender ID authenticating stuff? How myself would
be affected by that? Does it mean that I will have to pay money to MS for
sending/receiving e-mails and other internet-related comunications? If royalties
have to be paid (which ones and why?) I suppose that my internet service
provider should be responsible for those matters, but perhaps they (ISP) will
increase the fees eventually to compensate for those payments? I really dont
understand whether the end-user or the software (GPL)developers is affected in
the first place. On the other hand, I feel that a safer web is necessary, but I
haven't heard of any alternatives to MS'sender ID authenticating stuff. If that
is bad, why the GPL developers have not yet responded by putting forward an
alternative to this "menace"? I know, I am not a software developer
and have no idea of how those things work. But if MS came out with that, there
are many different ways to kill out a bug.[ Reply to This | # ]
|
- I STILL DONT UNDERSTAND, PLEASE EXPLAIN! - Authored by: seanlynch on Tuesday, November 09 2004 @ 11:39 AM EST
- I STILL DONT UNDERSTAND, PLEASE EXPLAIN! - Authored by: Groklaw Lurker on Tuesday, November 09 2004 @ 11:43 AM EST
- I STILL DONT UNDERSTAND, PLEASE EXPLAIN! - Authored by: moonbroth on Tuesday, November 09 2004 @ 11:48 AM EST
- Many alternatives are already available - Authored by: Anonymous on Tuesday, November 09 2004 @ 11:51 AM EST
- I STILL DONT UNDERSTAND, PLEASE EXPLAIN! - Authored by: Anonymous on Tuesday, November 09 2004 @ 12:05 PM EST
- I STILL DONT UNDERSTAND, PLEASE EXPLAIN! - Authored by: eggplant37 on Tuesday, November 09 2004 @ 12:19 PM EST
- YOU MUST UNDERSTAND, HERE"S WHY! - Authored by: Anonymous on Tuesday, November 09 2004 @ 12:42 PM EST
- In one sentence: - Authored by: jaydee on Tuesday, November 09 2004 @ 01:19 PM EST
- I STILL DONT UNDERSTAND, PLEASE EXPLAIN! - Authored by: Anonymous on Tuesday, November 09 2004 @ 02:44 PM EST
- I'll explain that you're a troll dude (or dudette) - Authored by: Anonymous on Tuesday, November 09 2004 @ 04:20 PM EST
- Here are links to explanations... - Authored by: dwheeler on Tuesday, November 09 2004 @ 05:25 PM EST
|
Authored by: Anonymous on Tuesday, November 09 2004 @ 12:09 PM EST |
I agreed with you up until you said that there was no spam before Microsoft. As
much as I would love to blame MS for creating spam, spam predates MS's entry
onto the Internet. HOWEVER, one may blame MS for creating insecure
software that allows the bots, proxies, and insecure mail relays to flourish. [ Reply to This | # ]
|
|
Authored by: eric76 on Tuesday, November 09 2004 @ 12:13 PM EST |
One thing that would really cut down on spam, at least in the short term, is if
ISP's would block outgoing SMTP connections from all but well known mail
servers.
The spam zombies would then have to send through their ISP's mail server where
it would be likely to draw the attention of the ISP.[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, November 09 2004 @ 12:29 PM EST |
Last time I checked, the Internet was managed by submitting plain-text RFC
documents which described a system that could be implemented without any license
needed. Also, I must have missed the news the day that America were given
control over the internet...
Sarcasm aside, I don't understand how any of this is even possible. Can anyone
explain?
TIA,
Paul Barker
PS. Thanks PJ for putting together this site, it's really appreciated![ Reply to This | # ]
|
- RFC's? - Authored by: Groklaw Lurker on Tuesday, November 09 2004 @ 12:47 PM EST
- RFC's? - Authored by: Anonymous on Tuesday, November 09 2004 @ 01:21 PM EST
- RFC's Vs. FTC - Authored by: Maciarc on Tuesday, November 09 2004 @ 01:34 PM EST
|
Authored by: NetArch on Tuesday, November 09 2004 @ 12:58 PM EST |
Just found this.
Jill Keogh mentions Apache's abhorance of the
Microsoft license provisions, but conveniently neglects to mention just why
Apache still doesn't agree with it. Of course, Pointnclickinc.com being an
e-mail "direct marketing know how" site actually backing SenderID and singing
Microsoft's tune doesn't mean that Pointnclickinc's revenue will be impacted by
widespread adoption of SenderID, would it now? ;-)
Let's leave further
interpretation of that to the reader... --- NetArch - building a better
Internet one subnet at a time... [ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, November 09 2004 @ 01:16 PM EST |
What would the legal position of bouncing emails because
the SenderID is not valid? I thought there was legislation
in place in both Europe and US where emails had to be
stored for a definite time.
In addition, at least in Germany, it is an offence to
interfere with the mail, this includes email! What is the
situation in the US and elsewhere? [ Reply to This | # ]
|
|
Authored by: Dr.Dubious DDQ on Tuesday, November 09 2004 @ 01:22 PM EST |
Referenced in the article is a survey that is 3 years
old now (the one at http://cr.yp.to/surveys/smtpsof
tware6.txt,
and a document on circleid.com that simply
states that the
big four Open Source mail servers handle
the majority of mail without giving
any sources or
figures. Are there any recent email server
surveys
that appear to be accurate?
I did find a pair of surveys at
falkotimme.com - March
2004 and April
2004 - but the huge discrepancy between numbers that
were supposedly only
a month apart (I find it hard to
believe that MS SMTP could jump by an order of
magnitude
while Postfix plummets from the 2nd largest at 20% to a
puny ~5% in
a single month) call the reliability of
the figures into question...
Anyone know of any more recent and/or larger
surveys? [ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, November 09 2004 @ 01:43 PM EST |
When I read what they have done, anyone can say "we are still
committed."
I believe Microsoft has successfully collasped the system that the CCIA has
stood for. I believe Microsoft has enough money to buy people's opinions and
judgements.
Why stand up for the people when Microsoft pays better?[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, November 09 2004 @ 02:14 PM EST |
If the FTC mandates the use of technology owned by a convicted monopolist, can
the public mandate perpetual oversight of the company like the PSC's for the
phone and power companies?
-- Alma
Why is there only one monopolies commission?[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, November 09 2004 @ 03:03 PM EST |
theregister
UK.gov meets and greets anti-patent lobby
http://www.theregister.co.uk/2004/11/09/patent_charm/
[ Reply to This | # ]
|
|
Authored by: moonbroth on Tuesday, November 09 2004 @ 03:21 PM EST |
Deposition
Schedule: unless something changed while I
wasn't looking, Chris Sontag
is due to be deposed today.
And Darl McBride follows in a week (16 Nov).
Happy days!
Cheers, Nick [ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, November 09 2004 @ 04:24 PM EST |
http://www.patents4innovation.org/index.php/eng/about_us/ [ Reply to This | # ]
|
|
Authored by: Tim Ransom on Tuesday, November 09 2004 @ 06:26 PM EST |
In an article titled 'Is Microsoft taking dead aim at Linux?':
Link
--- Th
anks again,
[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, November 09 2004 @ 06:50 PM EST |
Allow us to sue the manufacturers whose products or services are offered for
sale in the SPAM. That should cut down on the problem instantly. (Even if we
allow some good faith exemptions.)
-- Alma[ Reply to This | # ]
|
|
Authored by: ikocher on Wednesday, November 10 2004 @ 05:02 PM EST |
First, I don't like spam.
I think spam is really a cultural problem. In the past people in the US (at
least) have been used to mail spam. Every body was "happy", because
the problem was self limited due to the fact that this spam costs real money to
a spammer (mail cost, paper cost), and even, paid a lot of money to US Postal
Service, so even the goverment was happy.
With the oportunity that email presents, spam moved to the new technology, lower
cost, easier, bigger pool.
Then people started to complain, because spammers pay almost nothing to spam,
and end users must do much more work to sort spam out. But if you see it is
only an upgrade to an old system, something that should have been stop decades
ago, but no one wanted to take.
Now that the problem is serious, with all that phishing, virii, etc added to it,
everybody wants to stop it.
A solution? Why not pgp/gpg? If somebody wants to send me an email I only
accept signed ones, but the infrastructure for it is quite small to Average Joe
to enter it.
Solution, there are many, but nobody wants to take it, again. M$ is trying, in
my opinion not a good solution, but they also want to stop everybody else in
between, jeopardize the system, at that is not good at all.
I wonder what could happen if AOL starts to deliver (forced) a email client that
works with pgp/gpg by default, plus the infrastructure for the keys, something
that Average Joe sees as natural way. Full backwards compatibility, others can
follow, and in the end AOL happy (as they have real problems with spam), as
every other person in the planet, except for spammers :).
Ivan
[ Reply to This | # ]
|
|
|
|
|