Yakov Shafranovich wrote:
Doug Royer wrote:
For small and reasonably well defined communities, a company signing
its employees certs, or various geekly groups who know each other,
sigs can work, but I've never been able to see a plausible way to
scale up to the whole world of e-mail.
This is mixing subjects. Being able to validate that the 'From' line is not forged has nothing to do with black or white lists. You can black or white list based on email address as well as certs - no change to scalability.
While S/MIME certificates may prove to you that a given email address
or domain is valid, the question is what do we do with that
information? The end goal here is to reduce spam - the question is how
would the use of S/MIME help with that?
Computer automated traceability when you trust the CA.
Computer automated cert blacklist creation on spam detection.
Currently it takes manual labor to track spam. Some things can be automated, others take manual time to verify or decipher the true source of the spam. With certs from trusted CAs you can automatically process the cert back to the cert domain and complain, blacklist or whatever.
Now you know who is responsible for the domain that used that 'From' line. I can automate the rejection of that cert. And over time I may elect to stop trusting and toss all email signed by that CA if it turns out they sell a cert to anyone for any domain.
If all email was required to be signed, a spammer could buy a cert from a trusted CA. It would take seconds to minutes for that cert to be blacklisted once they started sending spam. They would get one shot per cert and that cert would then be useless in a very short amount of time. They would hit very few systems that used a shared cert blacklist. It would not matter if each copy of the spam was unique or not. A VERY expensive way to send spam.
This is the same problem that we face with LMAP/MARID proposals like
SPF - once you have established identity, what do you do with that
identity? Same for IP addresses of MTAs.
Not sure why you think that SPF establishes identity. It only says that domain X is valid for sending with the address for the listed domain.
Virtual hosting makes blacklisting the IP address a hostile act to the innocent domains on the same shared virtual hosts. Not the same issue.
If over time I learn that 'spam-certs-ca' sells certs for any domain name I can blacklist any cert signed by them. MUCH more scalable than trying to guess the thousands of 'From' addresses that may be sending spam.
Just like we cannot blacklist domain registrars, we will not be able
to do the same for CAs. All that the CA is providing is assurance that
a given email address or domain matches the information in the
certificate. They do not try to tell us whether a given person is a
spammer. Same for domain registrars.
I agree and I never claimed it would stop spam. I claimed it would stop forged email.
And I claim that it would allow for much faster and accurate spam blacklists.
Anyone can blacklist a non-trusted CA.
--
Doug Royer | http://INET-Consulting.com
-------------------------------|-----------------------------
Doug(_at_)Royer(_dot_)com | Office: (208)520-4044
http://Royer.com/People/Doug | Fax: (866)594-8574
| Cell: (208)520-4044
We Do Standards - You Need Standards
smime.p7s
Description: S/MIME Cryptographic Signature
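
The policy described in the message above (blacklist the signing cert on the first spam report, and stop trusting a CA once enough of its certs have been blacklisted), modelled as an added example that is not part of the original thread. The class names, the fingerprint strings, the CA name 'other-ca', the example domains and the threshold of 3 are assumptions; S/MIME signature verification is assumed to have happened before these checks.

```python
from collections import defaultdict
from dataclasses import dataclass, field


@dataclass(frozen=True)
class SignedMail:
    """Result of an S/MIME verification done elsewhere (assumed already validated)."""
    cert_fingerprint: str   # constructed sample values below, not real certs
    issuer_ca: str
    from_domain: str


@dataclass
class SharedCertBlacklist:
    ca_threshold: int = 3   # assumption: distinct bad certs before a CA is dropped
    bad_certs: set = field(default_factory=set)
    bad_by_ca: dict = field(default_factory=lambda: defaultdict(set))
    distrusted_cas: set = field(default_factory=set)

    def report_spam(self, mail: SignedMail) -> None:
        """Blacklist the signing cert; distrust the CA once too many of its certs are bad."""
        self.bad_certs.add(mail.cert_fingerprint)
        self.bad_by_ca[mail.issuer_ca].add(mail.cert_fingerprint)
        if len(self.bad_by_ca[mail.issuer_ca]) >= self.ca_threshold:
            self.distrusted_cas.add(mail.issuer_ca)

    def verdict(self, mail: SignedMail) -> str:
        if mail.issuer_ca in self.distrusted_cas:
            return "reject: CA no longer trusted"
        if mail.cert_fingerprint in self.bad_certs:
            return "reject: cert blacklisted"
        return "accept"


def simulate() -> list:
    """Constructed scenario: one spammer buys three certs from the same CA."""
    bl = SharedCertBlacklist()
    results = []
    for n in range(1, 4):
        spam = SignedMail(f"fp-spam-{n}", "spam-certs-ca", f"bulk{n}.example")
        results.append(bl.verdict(spam))   # first copy gets through
        bl.report_spam(spam)               # a recipient reports it
        results.append(bl.verdict(spam))   # every later copy is rejected
    # A fourth, never-reported cert from the same CA is now rejected as well.
    results.append(bl.verdict(SignedMail("fp-new", "spam-certs-ca", "bulk4.example")))
    # Mail signed under a different CA is unaffected.
    results.append(bl.verdict(SignedMail("fp-ok", "other-ca", "example.org")))
    return results
```

Calling `simulate()` returns the verdict sequence for the constructed scenario: each new cert gets exactly one accepted message before the shared list rejects it, and the third report tips the whole CA into the distrusted set.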