Americans needed to help latest anti-Microsoft battle [Fwd: Position of the SPF Community]

Steve Bougerolle steveb at bougerolle.net
Tue Nov 9 08:16:29 PST 2004


-------- Forwarded Message --------
From: James Couzens <jcouzens at 6o4.ca>
Reply-To: jcouzens at 6o4.ca
To: VAN_LUG-DISCUSS LIST <vanlug at gweep.ca>, VICLUG LIST
<discuss at vlug.org>
Subject: Position of the SPF Community
Date: Tue, 09 Nov 2004 05:50:24 -0800
Fellow VANLUG (Vancouver) and VLUG (Victoria) Members,

Today marks the beginning of the NIST Email Authentication event in
Washington DC which regrettably I was unable to attend.  This is a very
important event because of what the FTC has stipulated in relation to a
solution that aides in lowering SPAM -- which is that they will choose
one based on a technology that there is industry consensus toward, or
they will seek to define, or will define one which they will mandate the
use of in the US.

This affects all of us.  And I assure you I'm not wearing any tin hat
when I tell you that the worlds most underhanded and technically
incompetent software company and monopolizing wonderchild Microsoft is
using their political power to manipulate this in their favour.

Earlier this year Meng Weng Wong without asking any of the community
involved developers of SPF (myself included) if he could merge SPF with
CallerID to form SenderID.  We were enraged but powerless.  MARID was
formed and ultimately closed due to an inability to arrive at a
consensus due primarily to IPR claims stemming from the SenderID RFC
Draft.  (I believe this was intentional given their goal with the FTC).

We (the SPF community) have gotten together and have formed a document
which outlines our position on SenderID.  I encourage all of you here to
read this document, and if agreeable to you, that you sign the "SPF
Community Position on SenderID Pledge" stating such.

Positions: http://OpenSPF.org/OpenSPF_community_position_v101.html
Pledge:    http://OpenSPF.org

Microsoft can NOT be allowed to get away with this.  As I've stated
elsewhere several times, imagine if you say had to purchase a
cryptographic key in order to send email?  By this I imply that there is
a possibility that the employment of cryptographic keys would be a
requirement if you wanted large email providers to accept email from
you.  Don't think it can happen?  Believe me, its possible.

Microsoft in typical underhanded fashion was passing this document
around:

http://www.truste.org/pdf/Sender_ID_FTC_Letter.pdf

You can see the companies who have signed it at the bottom.  Whats most
notable are the companies that are missing from that document.  (IE:
AOL)

Food for thought:

http://www.eweek.com/article2/0%2C1759%2C1714680%2C00.asp

Thank you for taking the time to consider this information.  Help keep
the Internet an Open venue for Standards developed by people who
actually know what they are doing.

Cheers,

James

-- 
James Couzens,
Programmer
                                                     ( ( (      
      ((__))         __\|/__        __|-|__        '. ___ .'    
       (00)           (o o)          (0~0)        '  (> <) '    
---nn-(o__o)-nn---ooO--(_)--Ooo--ooO--(_)--Ooo---ooO--(_)--Ooo---
http://libspf.org -- ANSI C Sender Policy Framework library
http://libsrs.org -- ANSI C Sender Rewriting Scheme library
-----------------------------------------------------------------
PGP: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x7A7C7DCF

-- 
Steve Bougerolle <steveb at bougerolle.net>
http://www.bougerolle.net
http://www.sebgitech.com
http://www.imperialrealms.com




More information about the lfs-chat mailing list