ietf-mailsig
[Top] [All Lists]

Re: epostage, hashcash, callbacks, was MASS Security Review document

2005-02-15 17:13:14

On Tue, 2005-02-15 at 13:58 -0500, John R Levine wrote:
I am concerned that people who are suggesting finer granularity don't
appreciate the performance problems that can cause.

John, 

There is something that may alleviate your concerns.

- Large domains make a revocation-identifier available, and when an
  account gets revoked, the provider cancels the account and publishes
  the revocation record.  

- There is still a need to protect receiving SMTP servers using name
  and IP address based reputation.

- The name check can be applied to both to the Signature-domain as well
  as the HELO-domain.

When the HELO is within the Signature-domain, there should be no need to
check for account revocation and should be a practical matter to ensure
these two names are consistent and commonly used together.  It also
alleviates a subsequent need to repeat a name reputation check.

Only for cases where the HELO and Signature are not coincident, (and
where a signature have real value), would the revocation-check be
desired.  Ensuring authentication of HELO would also be desired, but
this too can be done in a single DNS lookup. : )

The alternative using some type of path registration could invite DoS
attacks and likely create higher overhead.  The provider remains
accountable and would be expected to squelch abuse as it is detected.
Monitoring this effort is then made easy by the publishing of the
revocation records, together with an immediate cessation of abuse.

-Doug

     


<Prev in Thread] Current Thread [Next in Thread>