R: [jdev] [Standards-JIG] anti-spim techniques

[Roberto Della Pasqua]

IMHO after all arguments,

Will be enough a whitelist with certificates (free) into a central
repository, as pgp do.

1) domain receive message from another domain not yet checked
2) interrogate central reposity for public keys 

That's all. 

Then both auth procedures and antispam laws do the rest.

Everything will try to slowdown, close the protocol will stop the adoption
of the xmpp as standard.

Eventually large domains can adopt a signal spammer technique:
If a user in msn domain (if they will adopt xmpp for example) is signaled,
then msn xmpp server don't permit to forward the message.

Roby

-----Messaggio originale-----
Da: jdev-bounces at jabber.org [mailto:jdev-bounces at jabber.org] Per conto di
Steve Kennedy
Inviato: domenica 28 agosto 2005 13.47
A: 'Jabber software development list'
Oggetto: Re: [jdev] [Standards-JIG] anti-spim techniques

On Sun, Aug 28, 2005 at 11:40:27AM +0100, Ian Paterson wrote:

> Ensuring SPIM will not be worthwhile, even with a network of 'zombie'
> client or server machines, clearly needs multiple measures. IMHO we 
> need to move forward ASAP with some of the good ideas that Tijl, 
> Sander and others were putting forward on the JDEV list yesterday. 
> (I've tried to summarise them here.)

You have to be very wary of privacy laws !!!

In the UK and EU they're getting very strick on this, so if you hold
information relating to an identifiable person you have to make it available
to them, change it if it's wrong, make reasonable attempts against identity
theft etc. Keep logs ...


Steve

--
NetTek Ltd  Fax +44-(0)20 7483 2455
Skype / In  stevekennedyuk / UK +442088167166 / US +13106518226 Vonage UK
+442079932612 / US +13108577715 / UK mob 07775 755503 Personal Blog
http://stevekennedy.blogspot.com Euro Tech News Blog
http://eurotechnews.blogspot.com
_______________________________________________
jdev mailing list
jdev at jabber.org
http://mail.jabber.org/mailman/listinfo/jdev