[ih] OpenPGP and email lists

Mon Feb 3 11:37:27 PST 2025

Jack Haverty via Internet-history wrote:
> I agree that the details of today's technology are not yet of 
> historical relevance and belong elsewhere.  That wasn't my intent in 
> my initial post.
Well... how we got to today's technology is certainly relevant - 
underlying trends & pressures, as well as personalities and how 
decisions got made have a rather strong predictive value, and provide a 
lot of guidance on how we might steer things in positive directions.

> In particular, two other historical aspects of Internet History struck 
> me: the evolution of the "project management" of The Internet, and the 
> evolution of competing technologies, over the last half-century or so.
>
> My earlier reference to ARPA and NSF reflected the initial days of the 
> "project management" of The Internet.  ARPA clearly drove the effort 
> at first, making decisions, funding the work, and defining clear 
> scenarios that the Internet had to support.   NSF joined the team, 
> spreading the ARPA work beyond the military, and creating the first 
> ISPs, with a mandate and a deadline to figure out how to survive 
> without research funding.   Much later, W3C joined the team, and 
> performed similar, but more limited, functions for the Web. The 
> Internet grew explosively, starting as an ARPA-driven "Experiment" and 
> ending with the Internet Industry of today.
>
> Personally, I was involved in the early era and those projects. But 
> I'm sure there were lots of other people, organizations, corporations, 
> and associated decisions made over the decades that led to the 
> Internet of Today.

I'd kind of suggest that the "magic" of the Internet, from almost day 
one, was that the ARPA & NSF Program Managers deferred to the 
community.  An awful lot of decisions were made by initiative & 
consensus - a lot of it coming from folks in YOUR GROUP at BBN.  :-)

If the ARPA, NSF, DOE,and NASA program managers had acted like typical 
government program managers - we'd never have an Internet - we'd have a 
whole bunch of siloed networks, rather than networks built for 
interconnection & interoperability from the beginning.
> During the 1990s and 2000s, I watched as all of those competitors 
> disappeared.  It seemed like it happened almost overnight.  Few people 
> today likely even remember they existed.   TCP seems to be the sole 
> survivor.   There was a  cost however, such as fragmentation into 
> "walled gardens", email spam, identity theft, and such.
>
> The question for Internet Historians is:   How did all that happen? 
> Who made what decisions?  Why did TCP win?  Was it technically 
> superior to all of the others?  Or did all of the others make some bad 
> decisions along the way?  Were the "costs" inevitable?  Or ...?
>
> Perhaps some Historian will put the whole story together.

Some of it is very clear:

- As soon as the Internet opened to the public, commercial pressures 
pushed toward "market segmentation," capturing market segments, and 
directly to "walled gardens" - which has long been the bugaboo of those 
of us who see the Net as a platform for large scale deliberation & 
collaboration.

- IMHO, TCP "won" because the DoD suite had a strong customer base, and 
actually worked.  That's the message that came out of the European 
Interop show - while the OSI folks were promising "real soon now," folks 
where shipping TCP/IP/Telnet/FTP/SMTP, and deploying it into serious 
systems.  DEC & IBM went along, Wang didn't - losing their business with 
the Army, and, IMHO, leading to their demise.  (I was up close and 
personal with some of the attempts to get Wang to step up and support 
the DoD stack, in the days leading up to the Flag Day.  What a bunch of 
wankers.)

Miles Fidelman

>
> Jack Haverty
>
> On 2/1/25 14:41, touch at strayalpha.com wrote:
>> OK, so now I need to step in and remind everyone that this list is 
>> for discussions of Internet History.
>>
>> Debates on how to run an email list should be taken elsewhere.
>>
>> Please stay on-topic and remember that this list isn’t run by the 
>> ISOC; it’s only hosted by the ISOC.
>>
>> Joe
>> —
>> Dr. Joe Touch, temporal epistemologist
>> www.strayalpha.com
>>
>>> On Feb 1, 2025, at 1:00 PM, Andrew G. Malis via Internet-history 
>>> <internet-history at elists.isoc.org> wrote:
>>>
>>> Jack,
>>>
>>> This discussion is getting pretty far afield from the original 
>>> topic, so I
>>> changed the subject. it's also getting away from Internet History, 
>>> so we
>>> may have to take this elsewhere. :-)
>>>
>>> OpenPGP is orthogonal to DMARC, SPF, etc., and email list header 
>>> munging.
>>> It's meant for end-to-end security between pairs of email users.
>>>
>>> You typically wouldn't use it on an email list because you use the
>>> receiver's public key to encrypt the email that you're sending. 
>>> Thus, the
>>> receiver with the matching private key will be the only person able 
>>> to read
>>> it.
>>>
>>> Cheers,
>>> Andy
>>>
>>> On Sat, Feb 1, 2025 at 3:14 PM Jack Haverty via Internet-history <
>>> internet-history at elists.isoc.org> wrote:
>>>
>>>> Well... I disagree, or at least don't understand.
>>>>
>>>> Last year when I was receiving complaints that some people weren't
>>>> getting my email, I learned more than I ever wanted to know about 
>>>> those
>>>> "munging mechanisms" such as DMARC, SPF, PGP, et al.  It's a mess, and
>>>> it seems that mailing lists can no longer be considered reliable as 
>>>> more
>>>> and more "anti-spam" measures are created.
>>>>
>>>> IMHO, "doing it right" by breaking digital signatures negates a
>>>> mechanism that might reduce spam.  With such signatures, it 
>>>> possible to
>>>> determine that a message actually came from the person who seems to 
>>>> have
>>>> sent it.
>>>>
>>>> In this case, "doing it right" contradicts other IETF-driven work 
>>>> which
>>>> might alleviate email spam, e.g.:
>>>> https://www.openpgp.org/about/standard/
>>>>
>>>> That doesn't seem "right" to me.    ISOC doesn't even sign the altered
>>>> messages it send to the list, to confirm that the ISOC server was the
>>>> actual source.
>>>>
>>>> Such strategy likely motivates people to migrate to other
>>>> closed-community systems, e.g., Whatsapp or its competitors.
>>>>
>>>> IMHO, most people, governments, corporations, and others would 
>>>> probably
>>>> agree that spam is a serious and worsening problem with the Internet.
>>>> If ISOC agrees, they could use their own systems to define, develop,
>>>> debug, test, and then showcase how to "do it right" - as ARPA and NSF
>>>> did back in the early days.
>>>>
>>>> Jack
>>>>
>>>> On 1/31/25 16:46, Brian E Carpenter via Internet-history wrote:
>>>>> Jack,
>>>>>
>>>>> Back when 95% (or whatever the exact fraction is) of email wasn't 
>>>>> spam,
>>>>> mailing list operators didn't have to do anything special. But today,
>>>>> every mailing list operator has to either do a number of things that
>>>>> involve munging messages in one way or another, to avoid anti-spam
>>>>> mechanisms used by all the major email provders, or give up and close
>>>>> the lists. An expert on this such as John Levine could explain many
>>>>> of those munging mechanisms, so I won't try. But ISOC's choice is to
>>>>> rewrite the nominal sender of the mail to match the actual sender, 
>>>>> i.e.
>>>>>   Jack Haverty via Internet-history 
>>>>> <internet-history at elists.isoc.org>
>>>>> for your messages, so naturally they will not be signed by you 
>>>>> when they
>>>>> reach subscribers. That's "doing it right" in the era of pervasive 
>>>>> spam.
>>>>>
>>>>> As for:
>>>>>
>>>>>>>> Large items should be posted via links to other storage sites.
>>>>>
>>>>> Surely people here of all people are aware that mailing list archives
>>>>> are a very poor method of digital conservation. For example, many
>>>>> (probably most) IETF WG mail archives prior to the lists being hosted
>>>>> at ietf.org are incomplete or lost.
>>>>>
>>>>> Regards
>>>>>   Brian Carpenter
>>>>>
>>>>> On 01-Feb-25 08:10, Jack Haverty via Internet-history wrote:
>>>>>> Thanks, Joe.  I didn't remember ISOC's specific limitations until 
>>>>>> I got
>>>>>> the rejection report, which said the message was too big.   So I 
>>>>>> quickly
>>>>>> converted the photo into a smaller size of 80KB, to fit well 
>>>>>> within the
>>>>>> 400KB constraint, and resent it.  The second try made it through the
>>>>>> list server, but the image was stripped away with no indication 
>>>>>> that it
>>>>>> had ever been there.  I realize you can't do anything about it and
>>>>>> sympathize.
>>>>>>
>>>>>> Apparently the ISOC service silently censors and alters messages 
>>>>>> as they
>>>>>> pass through.   The recipients don't get what I sent.  It also 
>>>>>> breaks my
>>>>>> digital signature.   I'm disappointed that ISOC, as parent of the
>>>>>> Engineering arm of the Internet, doesn't use its own services as
>>>>>> showcase models of "best practice" to demonstrate how to "do it 
>>>>>> right",
>>>>>> as ARPA, NSF, et al did back in the early days of the Internet.
>>>>>>
>>>>>> Jack Haverty
>>>>>>
>>>>>> On 1/31/25 07:40, touch at strayalpha.com wrote:
>>>>>>>
>>>>>>>> On Jan 30, 2025, at 11:27 PM, Jack Haverty via Internet-history
>>>>>>>> <internet-history at elists.isoc.org> wrote:
>>>>>>>>
>>>>>>>> [trying again... furst try was rejected "Message too big." The
>>>>>>>> Internet can now handle gigabit speeds, but apparently not emails
>>>>>>>> more than 400 kilobytes?]
>>>>>>>
>>>>>>> That’s correct; as has been noted before, this list is for 
>>>>>>> discussions
>>>>>>> but is not a storage archive.
>>>>>>>
>>>>>>> Large items should be posted via links to other storage sites.
>>>>>>>
>>>>>>> Joe (list admin)
>>>>>>
>>>>>>
>>>>
>>>> -- 
>>>> Internet-history mailing list
>>>> Internet-history at elists.isoc.org
>>>> https://elists.isoc.org/mailman/listinfo/internet-history
>>>>
>>> -- 
>>> Internet-history mailing list
>>> Internet-history at elists.isoc.org
>>> https://elists.isoc.org/mailman/listinfo/internet-history
>>
>
>

-- 
In theory, there is no difference between theory and practice.
In practice, there is.  .... Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown