David H. Crocker is a principal with Brandenburg InternetWorking. He designs network-based applications businesses and distributed system architectures. His current efforts focus on the creation of Internet-based businesses built on a solid foundation of customer benefit and revenue potential.
Dave worked in the ARPA network research community during the 1970s, and led product development efforts at MCI and various Silicon Valley companies, during the 1980s. He then founded several startup companies, serving as CEO for one. Dave developed and operated two national email services, designed two others, and was CEO of a community non-profit ISP. His senior management product efforts cover email clients and servers, core protocol stacks for TCP/IP and OSI, network management control stations, and knowledge management tools for product support. For his work on email, Dave is a co-recipient of the 2004 IEEE Internet Award.
Dave has been leading and authoring Internet standards for thirty-five years, covering Internet mail, instant messaging, facsimile and EDI. He has also contributed to work on Internet security, ecommerce, domain name service, emergency services, and even some TCP and IP enhancements. He has authored more than 50 IETF Requests For Comments. Dave served as an Area Director for the Internet Engineering Task Force, variously overseeing network management, middleware and the IETF standards process. He is also a Senior Technical Adviser for the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) industry trade association.
Except where otherwise noted, all postings by Dave Crocker on CircleID are licensed under a Creative Commons License.
The essence of information privacy is control over disclosure. Whoever is responsible for the information is supposed to be able to decide who sees it. If a society values privacy, it needs to ensure that there are reasonable protections possible against disclosure to those not authorized by the information's owner. In the online world, an essential technical component for this assurance is encryption. If the encryption that is deployed permits disclosure to those who were not authorized by the information's owner, there should be serious concern about the degree of privacy that is meaningfully possible. more
Email is a complex service and email abuse adds confusing deceptions. Worse, like postal mail and even telephone service, Internet mail is inherently open, flexible and even anonymous, making things much easier for abusers. Bad actors hide their true identity and their true purpose. Most other communication tools for users also are also quite open, and problems with email are being replicated elsewhere, such as instant messaging and social media. more
Mike Hammer's thoughtful article, A Few Thoughts on the Future of Email Authentication, should trigger thoughtfulness in the rest of us. Email abuse has been around a long time. Anti-abuse efforts have too. Yet global abuse traffic has grown into the 90+% range, with no hint of trending downward. The best we hear about current effectiveness is for last-hop filtering, if you have the money, staff and skills to apply to the problem... more
Without commenting on the particulars as they relate to Goodmail -- especially since I am on the advisory board for Habeas, a competitor -- let me note that public discussion is largely missing the nature of the current Internet mail realities and the nature of the ways we can deal with them. There are two articles in the current issue of the Internet Protocol Journal, of which I wrote one, that provide some useful background about this reality. Simply put, Internet mail needs to sustain spontaneous communications... more
A World-Renowned Source for Internet Developments. Serving Since 2002.