ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] 3b. SMTP Verification - Reputation Systems and their Problems

2004-03-04 01:55:32
from [Eugene Crosser] [Permanent Link] 
On Thu, 2004-03-04 at 00:10, Yakov Shafranovich wrote:

Mark Foster wrote:

On Wed, Mar 03, 2004 at 02:37:23PM -0500, Yakov Shafranovich wrote:


In the current world the closest approximation we have to reputation 
systems that are planned with LMAP are blacklists and Senderbase. Given 
that current blacklists have numerous problems, why would any proposed 
reputation or accrediation systems of the future be any different? How 
are we planning on avoiding the same problems we have today in the 
future, if we want to deploy such systems?



I've been doing some research into the use of STARTTLS and certificate
verification. The possibility exists for overlaying a
PKI trust model onto the email infrastructure... not just S/MIME and
PGP/GPG, but securing the message relay transmissions (MTA to MTA).



The problem with the PKI model is key distribution. If we follow the 
current SSL scheme that might work BUT then you are making Verisign and 
other CAs the gatekeepers for the Internet - and can have repercussions. 
For example, in the SSL market according to 
(http://www.securityspace.com/s_survey/sdata/200402/certca.html), 
Verisign and Thawte have 30% and 20% each. HOWEVER, according to 
(http://www.thawte.com/html/CORPORATE/today.html), Thawte is owned by 
Verisign, which implies that 50% of the SSL market is controlled by one 
company. Do you really want a few companies to choose who gets the right 
to send email? Of course, a distributed system like DomainKeys can help 
with some of these problems, but the main problems that blacklists have 
are still there.

Also, SSL certificates today only *idenfity* the site, not provide its 
reputation. Changing CAs into reputation systems, will involve a whole 
new set of challenges. These challenges are mostly present today in 
blacklists which is exactly what worries me - I don't see yet how any of 
these problems can be avoided in any reputation systems.


I would say, authentication and reputation can be done by completely
unrelated parties.  Reputation lists could use servers' certificates the
same way they use their IP addresses now.

Otherwise, I agree that there is too much contraversy and "political"
uncertainty surrounding x509.  Primarily due to its strictly
hierarchical model, not well suitable for today's world.

Eugene


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Asrg] Re: 3b. SMTP Session Verification - STARTTLS, Yakov Shafranovich
Next by Date:  [Asrg] RE: 3b. SMTP Session Verification - STARTTLS, Hallam-Baker, Phillip
Previous by Thread:  Re: [Asrg] 3b. SMTP Verification - Reputation Systems and their Problems, Yakov Shafranovich
Next by Thread:  Re: [Asrg] 3b. SMTP Verification - Reputation Systems and their Problems, Alan DeKok
Indexes:  [Date] [Thread] [Top] [All Lists]