R: R: R: [jdev] about spim techniques
Tijl Houtbeckers
thoutbeckers at splendo.com
Sun Aug 28 15:32:47 CDT 2005
On Sun, 28 Aug 2005 11:29:51 +0200, Sander Devrieze
<s.devrieze at pandora.be> wrote:
> On Sunday 28 August 2005 00:31, Tijl Houtbeckers wrote:
>
>> The point is, if you're just gonna introduce accountability there is no
>> point as long as our XMPP network itself has such low standards of anti
>> spim measures and spim related technology (eg. spim detection: I
>> seriously doubt any automated spam detection will work very well on spim).
>
> The authority might require you for example to fix or disable in band
> registration before it gives you a certificate. Another requirement
> might be that you deny access to your server from spimming people.
> Remember that a server will not be blacklisted immediately when some
> user of it starts spimming; it should be a structural spim problem:
> many spim and no actions from the server admin to solve the problem
> after other servers pointed the server to the problem.
Well, what CAs traditionally do is make sure the certificate they provide
you with is accountable. Once you have that, you can use it to prove your
identity to people (up to a certain point of course). If you expand the
role of the CA to become the policer of a community and make it
responsible for white/black listing servers or even other CAs you're
no longer talking about an open network. You're in fact centralizing the
control into an organisation, "federation" if you like.
I don't have a problem with that, if people want to do that, that's fine.
However, I'd rather see them use this to raise the level of trust between
certain servers, not to exclude everyone else. So while it's fine what you
suggest, I think (imho) it's naive to assume this is the solution to all
our problems. The "darwin" effect in such an organisation will not just be
who's best at blocking spim, but also power, money, influence etc. (in
other words, politics).
>> In short, I think introducing accountability for servers (by
>> certificates or another method) is overrated as a solution for
>> combatting spim (or spam). All it does is take the problem one level up
>> (to servers) from where it really comes (users), which seems fine till
>> the spimmers come in and suddenly a whole server gets blacklisted (and
>> you see the problem also propagates to the next level). Same when you
>> take it yet another level higher (whitelisting CAs).
>
> I don't agree. If the server admin takes actions to solve the spim, he
> *never* will lose his certificate. If he is blacklisted because he did
> nothing, he is punished as he will lose users. If it is a commercial
> server less users means less earnings. So it is the money that finally
> drives them to be very hard for spimmers and help us with techniques to
> fight spim.
A good admin might never lose it (I wouldn't be that sure (see above),
but let's assume this). What about a good user? If I'm a good user on what
once was a good server with a good admin. Then they hire a worse one,
(s)he fucks up, and now I can't communicate with my friends? Why? 'Cause
you took a problem that comes from users, bad users (spimmers), and
pushed it to the server level. Same as the original idea of whitelisted
CAs (though you seem to agree with me on that now). What if I'm a very
good admin, I get a certificate from some form of CA. Later that CA wants to
make more money (VeriSign? :P) so they decide to skimp on checking their
users and issue a bunch of certificates to spimmers. The CA gets
blacklisted, and suddenly my server (and all the users) can't communicate
anymore?
In fact, I can accept all those things ("federations" of trusted networks,
policing "CAs", etc.) as long as when my server (or CA) suddenly gets
blacklisted, or if I in fact don't want to belong to any of them, I can
still communicate with them. *Certainly* with the users already on my
roster that have me in their roster, but I should still be able to add new
users too. There can be a "price" for this, maybe the other server will
send me some kind of test, or maybe it will even require me to have some
kind of registration on that server, and maybe it will not require those
things if I can automatically (transparently to the other user) establish
there is already a trust relationship between us. Or any other things we
can think of...
With this, it is possible for a server to guarantee to their users a
certain level of reliability and quality regarding the identity of the
other user that tries to contact them, regardless of whether that user is
on their own server or from somewhere else. If we can offer that to
Google, why would they refuse?
I personally think these techniques are the most important for building a
reliable, truly open network. If they work well, the need for a
"federation" or something else that decides who can and can't be (trusted)
on the network might not even be so great (though it could still have
its uses).
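The tiered policy sketched in the message above, written out as an added illustration (it is not code from this thread, from the jdev list, or from any XMPP server). It shows how a receiving server could combine server-level and user-level trust so that an existing mutual roster relationship survives a server block, new contacts from trusted servers need no test, and everyone else pays a "price" (a challenge, or registration when the sender's server is blocked), while tallying unsolicited contacts per domain so an admin has evidence to hand to the remote server before anyone escalates to a block. All JIDs, domain names and thresholds are constructed examples, and the challenge and registration mechanisms themselves are assumed to exist elsewhere.

```python
from dataclasses import dataclass, field
from enum import Enum


class Decision(Enum):
    ACCEPT = "accept"        # deliver directly
    CHALLENGE = "challenge"  # deliver only after the sender passes some test
    REGISTER = "register"    # require the sender to register with us first


@dataclass
class ContactPolicy:
    # Constructed state for one local server (hypothetical, not a real deployment).
    # rosters[local_user] = remote bare JIDs that user has a mutual subscription with.
    rosters: dict[str, set[str]]
    trusted_servers: set[str] = field(default_factory=set)  # federation we trust
    blocked_servers: set[str] = field(default_factory=set)  # structural spim sources
    # Per-domain count of unsolicited contacts we had to challenge or refuse.
    unsolicited: dict[str, int] = field(default_factory=dict)

    @staticmethod
    def bare(jid: str) -> str:
        # Strip the resource: "user@domain/resource" -> "user@domain".
        return jid.split("/", 1)[0]

    @classmethod
    def domain_of(cls, jid: str) -> str:
        return cls.bare(jid).rsplit("@", 1)[1]

    def _count(self, domain: str) -> None:
        self.unsolicited[domain] = self.unsolicited.get(domain, 0) + 1

    def decide(self, sender: str, recipient: str) -> Decision:
        sender_bare = self.bare(sender)
        sender_domain = self.domain_of(sender)
        # 1. An existing mutual roster relationship is user-level trust and wins
        #    even if the sender's whole server was blocked afterwards.
        if sender_bare in self.rosters.get(recipient, set()):
            return Decision.ACCEPT
        # 2. A blocked server pays the highest price for new contacts: registration.
        if sender_domain in self.blocked_servers:
            self._count(sender_domain)
            return Decision.REGISTER
        # 3. Server-level trust waives the test for new contacts.
        if sender_domain in self.trusted_servers:
            return Decision.ACCEPT
        # 4. Unknown server and no relationship: challenge, and record it.
        self._count(sender_domain)
        return Decision.CHALLENGE

    def structural_offenders(self, threshold: int) -> list[str]:
        # Domains whose unsolicited-contact count reached the threshold: what an
        # admin would report to the remote server, not an automatic block.
        return sorted(d for d, n in self.unsolicited.items() if n >= threshold)


def demo() -> ContactPolicy:
    # Constructed sample: alice already has bob on her roster; bob's server has
    # since been blocked for a structural spim problem.
    policy = ContactPolicy(
        rosters={"alice@example.org": {"bob@other.example"}},
        trusted_servers={"partner.example"},
        blocked_servers={"other.example"},
    )
    for sender in ("bob@other.example/home", "mallory@other.example",
                   "carol@partner.example", "dave@unknown.example",
                   "dave@unknown.example"):
        print(sender, "->", policy.decide(sender, "alice@example.org").value)
    print("report candidates:", policy.structural_offenders(2))
    return policy


if __name__ == "__main__":
    demo()
```

The ordering of the checks is the whole point: the roster test runs before the server block, so a user-level relationship is never undone by a server-level decision, and a blocked server is still reachable, just at a higher price. Real deployments would also need to treat the tally as an admin report, not as an input that automatically feeds the block list.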