ietf-asrg
[Top] [All Lists]

Re: [Asrg] 6. Proposals - DNS + PKI - Yahoo's "Domain Keys"

2003-12-08 09:50:18

On Dec 8, 2003, at 11:41 AM, Mark Baugher wrote:

At 07:49 AM 12/8/2003, Derek J. Balling wrote:

On Dec 7, 2003, at 6:04 PM, Mark Baugher wrote:
  If DK means that each sender signs the message, then you have two
choices.  One is to have a domain-wide private key, in which case it
must change regularly, as spammers will quickly obtain it.

I don't know why you would assume this.

If I am $BIGCORP with $BIGNUM of employees, there's going to be less-than-honorable employees, there's going to be disgruntled ex-employees. If the sender signs their own message then your company's keys WILL get out into the wild.

I assumed that the MTA would have the private key and sign; not that the mail operator would hand our a *copy* of a public/private keypair to each sender. I have never heard of such a thing. Sorry that I missed that aspect of the yahoo proposal, where did they say that?

There are two basic scenarios, both with flaws:

1.) The MTA signs the message: This is problematic in the "traveling salesperson" type scenario, because often then cannot use their company mail server due to ISP filtering, etc.

2.) The MUA signs the message:  This yields one of two subproblems:
2.a.) The MUA signs using a "per-user" key : You now have to maintain in DNS several thousand keys for your large organizations 2.b.) The MUA signs using a "domain-wide" key : Every time you fire an employee you have to change the key or risk its misuse


Which of the three scenarios Yahoo intends to write into the spec is unknown, but all three are flawed. :-)

Cheers,
D


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



<Prev in Thread] Current Thread [Next in Thread>