"william(at)elan" == william(at)elan net <william(_at_)elan(_dot_)net>
writes:
william(at)elan> On Fri, 14 Jan 2005, Douglas Otis wrote:
>> The point was not wanting to wait for a key to expire used by
>> many accounts. Such a key will likely be retained for more
>> than a week to ensure delivery of mail. A spammer could send
>> themselves the various spam they wish to distribute and, even
>> if the account is closed, they could send millions of copies of
>> these messages from elsewhere and receive confirmation until
>> the expiration of the key. A spammer would only need 50
>> accounts to continue their spamming for year by abusing the
>> signature. Without being able to immediately respond to a
>> problem, defending the signature's reputation or seeing a
>> benefit from the use of a signature would be made difficult.
william(at)elan> I do not think this is quite correct. I really do
william(at)elan> not see a need for key revocation service. All
william(at)elan> that is necessary is to either remove key record
william(at)elan> from dns (or authorization server) or if you want
william(at)elan> stronger meaning that the key actually got into
william(at)elan> wrong hands, we could engineer additional flag
william(at)elan> saying that authorization record is for key that
william(at)elan> has been revoked.
The problem is that typically a key will be used to sign messages for
the entire domain.
I'me got some spammer using my key. He already has say 10 messages
signed; he can send those to as many recipients as he wants.
I notice the problem. Immediately I generate a new key and start
signing mail with it. However I'm left with two unfortunate choices:
1) Drop the old key immediately creating a problem both for the
spammer and for authorized mail I have in transit.
2) Waiting for my authorized mail to make its way through the system,
giving the spammer a longer time to send his spam.
As people have pointed out, per-user keys do provide some protection
against this attack.
--Sam