ietf-asrg
[Top] [All Lists]

Re: [Asrg] 6. Proposals - DNS + PKI - Yahoo's "Domain Keys"

2003-12-08 08:37:56
Mark Baugher <mbaugher(_at_)cisco(_dot_)com> wrote:
  If DK means that each sender signs the message, then you have two
choices.  One is to have a domain-wide private key, in which case it
must change regularly, as spammers will quickly obtain it.

I don't know why you would assume this.

  If every user has access to the private key to sign outgoing
messages, then spammers have access to it, too.  After all, spammers
can sign up for accounts at ISP's...

A big problem with per-user private keys is that these
private keys are vulnerable when user machines are infected with
viruses.

  That's really outside of the scope of the solution.

  However, having *signed* viruses means you're pretty sure whose
machine is infected.

  I don't expect the mail operator's machines to be so vulnerable.
Also, past experience has shown that most users hate to use
cryptographic technologies for email or anything else when they have
a choice.

  I thought the whole point of the solution was that users wouldn't
even know their messages were being signed.

(Why not
just then have every domain put user authentication information in
DNS, and have every recipient MTA do SMTP AUTH?  It's entirely
equivalent, and doesn't require much in the way of user-agent
changes.)

This sounds like a very good approach from MTA(s)->MTA(r), but
what about the case of MTA(s)->MTA(i)->MTA(r), which is a rare
case that nonetheless needs to be supported?

  See the LMAP discussion document for ways to do this.

  Alan DeKok.

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg