[Cryptography] STARTTLS, was IAB Statement on Internet Confidentiality

grarpamp grarpamp at gmail.com
Wed Nov 19 14:25:37 EST 2014

On Tue, Nov 18, 2014 at 11:29 PM, John Gilmore <gnu at toad.com> wrote:
> Censorship of customer communications is always a "best practice"
> according to some people.  Blocking communications based on the port
> number in use?

Today some people on this list tried to tell me that 'Port 25 is SMTP'.
That's funny because I use it for SSH.

> That seems to many people to be heinous,
> "picking winners and losers", discriminating against
> traffic based on what the endpoint services are, etc.  Wasn't
> Network Neutrality supposed to outlaw all such discrimination?

Yes it was.

> Or, is it a catchphrase for "only the politically correct people
> are allowed to censor or discriminate against traffic"?

It's doublespeak now, said political promises vanish once elected.
If the discriminators get their way you better hope you have
real estate in the Balkans.

> The fact that some ISPs covertly built that censorship into a
> supposedly transparent network must be why I never get any spam these
> days.  But it doesn't matter to zealots whether their methods actually
> work or not.  They're mad at spammers, and "Hulk smash" is their main
> response.  Reason, principle, protocols, and respect all went out the
> window.
> Anti-spammers have done far more damage to the Internet than spammers.
> Now they are claiming that we can't be permitted to encrypt our
> Internet connections because then their censorship scheme would stop
> working?

Yes they are. You better encrypt the net now before they're
able to inject that power twist into arguments of political arms.

> I don't see any spammers claiming that end users should not
> be permitted to encrypt their emails nor any other traffic.  To take
> the privacy of our communications into our own hands, it is the
> anti-spammers who stand in our way, not the spammers.

Just like AdBlockPlus, user's mail clients should be shipped and
extensible with simple local filtering spam/virus/malware processing
engines. Users, having no such simple plugin tools available to them
in early days, complained of spam which drove provider/anti filtering
more than providers separate ability to handle the traffic load did. All
the anti position did for providers was shift their cost from disk spool
storing it to cpu rejecting it. And users got censorship tools developed
and deployed against them in return. Failure!

Users need to do their own filtering and encrypt now.

>> Here, for example, is a
>> recommendation on the topic that MAAWG published in 2005:
>> https://www.maawg.org/sites/maawg/files/news/MAAWG_Port25rec0511.pdf
> Exactly -- an anti-spammer group, the "Messaging, Malware and Mobile
> Anti-Abuse Working Group", MAAWG.  Hmm, there seem to be more M's in
> there than in their domain name.  Perhaps once they started advocating
> censorship for one reason ("Messaging"), they found all sorts of
> other reasons for it, too.  When you have a censorship hammer, every
> problem looks like a need for censorship.
>         John Gilmore
>        (who regularly, daily, gets his personally typed emails - just
>         like this one -- censored without recourse, by the ISPs of
>         recipients who rely on unreliable third party censorship
>         blacklists.)

More information about the cryptography mailing list