[gnso-rds-pdp-wg] On some security claims (was Re: Apologies, and some reflections on requirements)

Group CEO-Vaibhav Aggarwal va at bladebrains.com
Mon Jul 4 16:14:52 UTC 2016 

Andrew,

Points u have written are baseless and display ur uneasiness of learning about "How Internet works"

I won't present a retort here which is targeted to a specific individual and not try to waste anyone's time in reading. 
But if u are a internet conneseiur, then u wud never write a baseless argument over a suggestion. So I request back off and stick to the agenda. 

Lets keep the nice nodes open to data exchange and not block the speed by writing baselessly. 

Best regards,
-VA

Sent from my mobile device. Typos regretted.

> On Jul 4, 2016, at 9:30 PM, Andrew Sullivan <ajs at anvilwalrusden.com> wrote:
> 
> Hi,
> 
> Responding to two messages at once.  I think there are some technical
> misconceptions in the messages from Catalyst-Vaibhav Aggarwal.  We
> won't get anywhere if we proceed by believing false things about how
> the Internet works.
> 
>> On Mon, Jul 04, 2016 at 03:19:53PM +0530, Catalyst-Vaibhav Aggarwal wrote:
>> 
>> And any such suggestion can easily be implemented with the Automation of
>> the entire Verification process. For Eg. Gmail has a two Step
>> Authentication - One on the Password and the other on the Phone Number of
>> the User.
> 
> Actually, no.  What Google two-step authentication does is bind a
> login to both a password and some other communication factor.  It does
> not actually tell you who is at the other end, and can't.  There is a
> serious and important difference for our purposes between
> authenticating that the same indvidual is undertaking two different
> actions, and identifying who that individual is when (e.g.) wandering
> around in the street.
> 
>> This is a issue regaining the safety of me, my family
> 
> Can you say more about how you think registration of domain names in
> the global DNS could (even a little bit) affect the safety of you or
> your family?  In particular,
> 
>> or anybody will be willing to compromise. And the Lives being lost and the
> 
> could you say some more about how you think anyone's life hangs in the
> balance due to registration of domain names?
> 
> Also,
> 
>> On Mon, Jul 04, 2016 at 04:28:29PM +0530, Catalyst-Vaibhav Aggarwal wrote:
>> 
>> As far as Security for the Email Addresses is concerned, every email server
>> has a built in SMTP verification mechanism that either can be switched on or
>> Off as per the need may be -  Most servers or Service providers don’t switch
>> it on as there is a cost added to their overall Network Management or
>> Infrastructure. BUT Gmail has implemented it. That is why we are able to see
>> Classification of Mails in our mail boxes.
> 
> I would appreciate a pointer to the documentation of this SMTP
> verification mechanism of which you speak.  I'm reasonably familiar
> with the SMTP specifications, and I'm not really sure what feature
> you're talking about.  If you mean the SMTP VRFY verb, I don't think
> it does what you think it does, and it has been widely regarded as a
> spam-promoting feature since at least 1999.  It is certainly not the
> basis for Google's classification of your email, which (depending on
> how you use it) depends on them reading either your headers or your
> mail bodies to classify it for you.
> 
> Best regards,
> 
> A
> 
> -- 
> Andrew Sullivan
> ajs at anvilwalrusden.com
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg

More information about the gnso-rds-pdp-wg mailing list