Now Is the Time to Finally Kill Spam - A Call to Action

[R. A. Hettinga]

<http://www.linuxworld.com/story/34285_p.htm>

Now Is the Time to Finally Kill Spam  - A Call to Action
October 12, 2003, http://www.linuxworld.com/story/34285.htm
Summary
'Spam is becoming a crisis,' says LinuxWorld Senior Editor James Turner,
'threatening to turn a valuable commodity (e-mail and the Internet) into a
vast wasteland.' Here Turner lays out a simple plan for putting a
definitive end to spamming and spammers. Read it and decide whether he's
hit the nail on the head.

By James Turner ?


Over the last few weeks, I've finally been pushed over the edge of sanity
by the scumbags who fill our mailboxes (and now Web sites) with thousands
upon thousands of scams, porn offers, and downright trash.

It was bad enough when I was just getting spam in my in-box, luckily tools
like Spam Assassin do a pretty good job of identifying it these days. But
now the spammers are trolling the Net looking for anyone running a blog,
and spamming their comment system with ads for everything from Viagra to
Kiddie Porn sites.

The time to stop this nonsense is now, and there's a non-governmental,
low-cost, low-effort way it could happen. Here's my plan of action, it's
not original to me but I want to lay it out publicly as a battle plan:
There need to be low-cost providers of personal public key certificates
that require ID in order to receive the certificate (if the bar set was a
faxed or mailed copy of a picture ID, it could probably be done for under
$10/person). Thawte offers a free service today that can either be
notarized for free by a trusted person, or for $25 by them.
All commercial and open source mail clients need to have a simple and easy
way to do a public key signature of an outgoing e-mail message.
The clients also need to be adapted to reject or place into a trash mail
folder any incoming e-mail that is not so signed.
The same mechanism needs to be available to allow a Web page submission to
be signed.

What this mechanism would allow is to definitively identify the identity of
spammers, so that legal action could be taken against them. If you guard
your privacy, and don't want to sign your e-mails, fine. I guard my time,
and will ignore your e-mail (or at least treat it as likely to be spam).
Sites that need anonymity (like whistleblower sites) can choose not to
require a signed submission.

Spam is becoming a crisis, threatening to turn a valuable commodity (e-mail
and the Internet) into a vast wasteland. The tools are there to stop it,
all we need is the critical mass of users and e-mail client developers to
slam the door.

About the author
James Turner, senior editor of  LinuxWorld Magazine, is president of Black
Bear Software as well as director of software development of  Benefit
Systems, Inc. James has written for Wired, Christian Science Monitor,  and
other publications. He is currently working on his third book on open
source development.


-- 
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com