In "Another Whack at Spam", Tim Bray describes a solution similar to my Trusted E-mail Network (TEN) idea (also read "Fixing E-Mail") - via Dave whose blog I read before Tim's blog. He arrived at the solution while talking about spam at Foo Camp with Jeremy Zawodny, Dave Sifry, and Doug Cutting.
He also thinks digital signing should be done by mail servers instead of users. But his thinking differs from mine in how the trusted network of mail servers should be organized and the network's relationship with mail servers outside the network. I believe the network should be backed by a business entity in charge of issuing and revoking certs to member mail servers, maintaining and providing trust rating information on mail servers and mail users, etc.
While I like a loosely coupled peer network as much as anyone, I believe PKI and responsiveness requirements call for a central authority. Under Tim's solution, each mail server is given too much room for misbehavior, and removal of a rogue mail server takes too much time. What I want is the ability to shut down a rogue user or mail server within hours, not days.
Update #1 - 10/13/2003 11:15AM PST
Liz Lawley raised some key concerns that reminded me to fill in some missing pieces of the TEN model.
Open Source
Since there is nothing proprietary about TEN servers, there will be plenty of open source TEN-enabled mail servers and TEN-enabling patches for popular open source mail servers. So TEN servers will be very affordable.
Private E-Mail Network
TEN servers should be able to use multiple PKIs. This means each TEN server will hold multiple certs and will choose which one to sign an e-mail with depending on the source and the destination of that e-mail.
If the mail exchange is completely within an organization, the message can be signed with a self-signed cert after checking that the sender meets the private TEN's trust rating requirement. For mail sent outside the private TEN, the public TEN cert assigned to that TEN server should be used, but only if the sender has a sufficiently high TEN rating.
Free or Subsidized
A private TEN does not have to charge fees. For example, American universities could form a national private TEN, with each university or department running its own TEN server, that allows students and staff from any of the member universities to exchange e-mail with each other without a fee. Some universities could even sponsor some percentage of the fee for e-mails sent outside the University TEN.
Global Trusted E-Mail Network
While anyone can run a TEN server, not everyone will be able to get a Global TEN cert, which enables e-mails to be trusted by anyone worldwide. There are three ways to get a Global TEN cert:
Implicit and bonded trusts are obvious, so I won't go into details about them unless someone asks. Sponsored trust means there is a relationship between the sponsoring organization and the sponsored one. Each trusted mail sent from a sponsored organization affects both organizations if a complaint is lodged against the mail.
For example, if a Stanford physics student sends out a mail carrying a virus to someone, the trust ratings of both the Stanford Physics Department's TEN server and Stanford's TEN server will be degraded, because the school sponsored the department. If Stanford is a member of the American University TEN, then the American University TEN's trust rating is degraded as well.
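To make the two rules above concrete (cert selection per message scope and sender rating, and complaint-driven degradation along the sponsorship chain), here is a small policy model. It is an added illustration written for this page, not code from the post or from any TEN implementation; the thresholds, penalties, cert labels, `.example` domains, user names and ratings are all assumed, as is the choice to cap a sender's effective rating at the rating of the server that signs for them.

```python
"""Toy model of the TEN signing policy and sponsored-trust propagation.

Added illustration for this page; every constant, domain, user and cert
label below is an assumption invented for the example, not a real value.
"""
from dataclasses import dataclass, field
from typing import Optional

# Assumed policy: a sender needs at least this rating before the server
# signs on their behalf with the given kind of cert.
PRIVATE_MIN_RATING = 50   # self-signed cert, mail stays inside the org
GLOBAL_MIN_RATING = 80    # Global TEN cert, mail leaves the org
COMPLAINT_PENALTY = 10    # rating the offending sender loses per complaint
SPONSOR_PENALTY = 5       # rating each server up the sponsorship chain loses


@dataclass
class TENServer:
    domain: str
    rating: int
    sponsor: Optional["TENServer"] = None   # who vouches for this server
    global_cert: Optional[str] = None       # label standing in for a Global TEN cert
    users: dict = field(default_factory=dict)  # sender address -> trust rating
    private_cert: str = ""

    def __post_init__(self):
        # Label standing in for the server's self-signed cert (assumed naming).
        self.private_cert = f"self-signed:{self.domain}"

    def choose_cert(self, sender: str, recipient: str) -> Optional[str]:
        """Return the cert label to sign with, or None to refuse signing.

        Internal mail: self-signed cert once the sender meets the private
        threshold.  Outbound mail: the Global TEN cert, only if the server
        holds one and the sender's effective rating is high enough.
        """
        if sender.split("@")[1] != self.domain:
            return None                      # only sign for our own users
        # Assumption: a sender can never be trusted more than their server.
        effective = min(self.users.get(sender, 0), self.rating)
        if recipient.split("@")[1] == self.domain:
            return self.private_cert if effective >= PRIVATE_MIN_RATING else None
        if self.global_cert is None or effective < GLOBAL_MIN_RATING:
            return None
        return self.global_cert

    def lodge_complaint(self, sender: str) -> list:
        """Degrade the sender, this server and every sponsor above it.

        Returns the domains whose rating was reduced, nearest first.
        """
        if sender in self.users:
            self.users[sender] = max(0, self.users[sender] - COMPLAINT_PENALTY)
        affected = []
        node: Optional[TENServer] = self
        while node is not None:              # walk the sponsorship chain
            node.rating = max(0, node.rating - SPONSOR_PENALTY)
            affected.append(node.domain)
            node = node.sponsor
        return affected


def build_example_network():
    """Constructed sample network mirroring the post's Stanford example."""
    au = TENServer("americanuniversity.example", 95, global_cert="global:au")
    stanford = TENServer("stanford.example", 90, sponsor=au,
                         global_cert="global:stanford")
    physics = TENServer("physics.stanford.example", 85, sponsor=stanford,
                        global_cert="global:physics")
    physics.users = {"alice@physics.stanford.example": 90,
                     "bob@physics.stanford.example": 60}
    return physics, stanford, au


if __name__ == "__main__":
    physics, stanford, au = build_example_network()
    alice = "alice@physics.stanford.example"
    print(physics.choose_cert(alice, "bob@physics.stanford.example"))  # self-signed
    print(physics.choose_cert(alice, "carol@other.example"))            # global:physics
    print(physics.lodge_complaint(alice))   # physics, stanford, au all degraded
    print(physics.lodge_complaint(alice))   # second complaint
    print(physics.choose_cert(alice, "carol@other.example"))            # None
```

Two complaints against one student are enough to push the department server below the Global threshold in this model, which is the point of the post's argument: a sponsor inherits the consequences of what it vouches for, so the sponsor has an incentive to deal with the rogue sender quickly.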
Paolo has all the links to Blog Babes in Italy. These blogs seem to be tied to some kind of blogging promotion and nude calendar event in Italy, but some of the girls have kept on blogging. Livietta, in particular, gave me a good morning vector. Her pose reminds me of the famous painting by Sandro Botticelli: The Birth of Venus.
Grazie, Paolo!
An amazing treasury of stills and video from 75 years of Newsreel. Low-res versions can be used freely; hi-res 300 dpi versions can be licensed. I think the low-res versions are good enough for most web uses unless you need to zoom in on small sections. BTW, don't go there now, because the site just opened and is swamped.
Yesterday, I was looking at Hemera's Photo-Objects series and got side-tracked, as usual, into thinking about value-added multimedia content. A Photo-Object is basically an image plus a mask. There is no reason for the image and the mask to be stored together. Likewise for image transforms. In a sense these are like add-ons for an image, and one could potentially search for all available add-ons given an image's URL or URI. The same can be done with audio: given any audio, there are countless ways to transform it. Also, a song doesn't have to be played in just one way or have just one lyric per language.
The only problem is that there is no infrastructure for value-added content. There are plenty of tools to create it, but what do you do with it once you have it? You can't find it reliably using search engines, nor are there ways to buy or sell it.
While I was getting a haircut today, I thought about the scalability problem of solutions like TEN and SMTP4All.
Digitally signing each message will reduce mail throughput significantly. Some of the throughput loss will be offset by the removal of spam, which will reduce message traffic by as much as 90%. The scalability problem remains, though, because mail traffic is not constant: capacity has to be sized for the peaks, not the average.
Add to this the cost of bi-directional authentication between the sending SMTP server and the receiving SMTP server. If the number of messages per session is high (e.g. mail traffic between AOL and MSN), the cost will be minimal because it is amortized over many messages. But I suspect the average number of messages per session is pretty low, meaning near one message per session, so the authentication cost is paid almost once per message.