[gnso-rds-pdp-wg] On some security claims (was Re: Apologies, and some reflections on requirements)
Group CEO-Vaibhav Aggarwal
va at bladebrains.com
Mon Jul 4 16:14:52 UTC 2016
Andrew,
Points u have written are baseless and display ur uneasiness of learning about "How Internet works"
I won't present a retort here which is targeted to a specific individual and not try to waste anyone's time in reading.
But if u are a internet conneseiur, then u wud never write a baseless argument over a suggestion. So I request back off and stick to the agenda.
Lets keep the nice nodes open to data exchange and not block the speed by writing baselessly.
Best regards,
-VA
Sent from my mobile device. Typos regretted.
> On Jul 4, 2016, at 9:30 PM, Andrew Sullivan <ajs at anvilwalrusden.com> wrote:
>
> Hi,
>
> Responding to two messages at once. I think there are some technical
> misconceptions in the messages from Catalyst-Vaibhav Aggarwal. We
> won't get anywhere if we proceed by believing false things about how
> the Internet works.
>
>> On Mon, Jul 04, 2016 at 03:19:53PM +0530, Catalyst-Vaibhav Aggarwal wrote:
>>
>> And any such suggestion can easily be implemented with the Automation of
>> the entire Verification process. For Eg. Gmail has a two Step
>> Authentication - One on the Password and the other on the Phone Number of
>> the User.
>
> Actually, no. What Google two-step authentication does is bind a
> login to both a password and some other communication factor. It does
> not actually tell you who is at the other end, and can't. There is a
> serious and important difference for our purposes between
> authenticating that the same indvidual is undertaking two different
> actions, and identifying who that individual is when (e.g.) wandering
> around in the street.
>
>> This is a issue regaining the safety of me, my family
>
> Can you say more about how you think registration of domain names in
> the global DNS could (even a little bit) affect the safety of you or
> your family? In particular,
>
>> or anybody will be willing to compromise. And the Lives being lost and the
>
> could you say some more about how you think anyone's life hangs in the
> balance due to registration of domain names?
>
> Also,
>
>> On Mon, Jul 04, 2016 at 04:28:29PM +0530, Catalyst-Vaibhav Aggarwal wrote:
>>
>> As far as Security for the Email Addresses is concerned, every email server
>> has a built in SMTP verification mechanism that either can be switched on or
>> Off as per the need may be - Most servers or Service providers don’t switch
>> it on as there is a cost added to their overall Network Management or
>> Infrastructure. BUT Gmail has implemented it. That is why we are able to see
>> Classification of Mails in our mail boxes.
>
> I would appreciate a pointer to the documentation of this SMTP
> verification mechanism of which you speak. I'm reasonably familiar
> with the SMTP specifications, and I'm not really sure what feature
> you're talking about. If you mean the SMTP VRFY verb, I don't think
> it does what you think it does, and it has been widely regarded as a
> spam-promoting feature since at least 1999. It is certainly not the
> basis for Google's classification of your email, which (depending on
> how you use it) depends on them reading either your headers or your
> mail bodies to classify it for you.
>
> Best regards,
>
> A
>
> --
> Andrew Sullivan
> ajs at anvilwalrusden.com
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
More information about the gnso-rds-pdp-wg
mailing list