new | ask | show | jobs
taink 3 days ago  [ - ]

Why should curation be centralized? We do not need a "decentralized dictatorship" (what would that even be? that's antithetical) and we certainly do not need a centralized one. It seems crazy that your solutions to AI, spam, and "automated traffic" (I don't know what that is, I assume web crawlers and such) is that the police control every single transaction.

First off, we can simply let the user, or client software, choose. Why should we let centralized servers do that by default?

At scale, DNS is somewhat centralized but authorities are disconnected from internet providers and web browsers. They're the best actors to regulate this.

For mail, couldn't we come up with a mail-DNS, that authenticates senders? There could be different limits based on whether you are an individual or a company, and whether you're sending 10'000 emails or just 100.

Regardless of whether these are good solutions -- why jump to extreme ones? "TINA" is not a helpful argument, it's a slogan.

parliament32 3 days ago  [ - ]

> For mail, couldn't we come up with a mail-DNS, that authenticates senders?

So RFC 7672? https://datatracker.ietf.org/doc/html/rfc7672

taink 3 days ago  [ - ]

I have no knowledge of DANE but its reliance on DNSSEC makes me worried that it would be difficult for people to adopt it.

Also, I think it solves a different problem: it prevents spoofing/MITM but what about legitimate certificates? We would still need CAs that actually curate their customers and hold them accountable. And we would need email servers/clients to differentiate between strict CAs and ones that are used solely for encryption purposes.

I don't know that DNS should be applied to emails as is anyway but I find it could force spammers to operate with publicly available information which would make holding them accountable easier.

account42 2 days ago  [ - ]

> I have no knowledge of DANE but its reliance on DNSSEC makes me worried that it would be difficult for people to adopt it.

It's not hard to set up DNSSEC as long as your DNS server software supports it and most people don't run their own authorative DNS servers anyway.

tptacek 2 days ago  [ - ]

Uh huh.

https://ianix.com/pub/dnssec-outages.html