On May 24, 2009, at 12:58 AM, Amir Herzberg wrote:
Hi guys, I wrote a `critical review' of SPF, DKIM and Sender-ID
Framework (SIDF); it's in process of publication at `computer &
security`, you can see it at http://dx.doi.org/10.1016/j.cose.2009.05.002
(pending editing, final changes etc.). Nothing much new, just an
attempt to provide a fair-yet-critical survey, hopefully to help
clarify this important subject. Comments will be most welcome.
Abstract below.
I'm not going to pay $31.50 to review someone's work. Nor is anyone
else, I suspect.
Cheers,
Steve
Amir Herzberg
Title: DNS-based Email Sender Authentication Mechanisms: a Critical
Review
Abstract
We describe and compare three predominant email sender
authentication mechanisms based on DNS: SPF, DKIM and Sender-ID
Framework (SIDF). These mechanisms are designed mainly to assist in
filtering of undesirable email messages, in particular spam and
phishing emails.We clarify the limitations of these mechanisms,
identify risks, and make recommendations. In particular, we discuss
potential abuse of these mechanisms to facilitate DNS poisoning, and
suggest countermeasures.
--
Amir Herzberg
Associate Professor, Dept. of Computer Science
Bar Ilan University
http://AmirHerzberg.com
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg