ietf-mailsig

RE: In response to Housley-mass-sec-review

2005-03-09 01:00:05


On Tue, 8 Mar 2005, Michael Thomas wrote:

> On Mon, 2005-03-07 at 15:29 -0800, Hallam-Baker, Phillip wrote:
> > Yes, the attack can happen fast, but if they are sending spam the revocation
> > check will get hammered and there is a great way to spot something odd going
> > on.
>
> I've only been following this thread minimally, but it seems that
> any revocation scheme would have to rely on some form of automatic
> population lest you run into the issues Jim raises. But what I don't
> recall seeing is whether there's any reason to believe that such
> auto-revocation schemes could possibly have an acceptable false
> positive rate within the necessary reaction time (i.e., such that
> the horses are not running wild on the plains, to continue this
> tortured analogy). It seems like an easier hand-wave than the
> reality of implementation.

I agree with Thomas. I think an implementation-wise workable revocation
system that can really deal with replay attacks will be overly complex
and not worth it (and replay attacks are unlikely to be a serious problem
anyway; there are a lot easier social-engineering schemes that spammers
already use).

At the same time, while I'm sceptical about the DNS revocation scheme we're
discussing, I really don't see any serious reason not to try it out
(just in case we're wrong, replay attacks happen often, and good
implementations do appear) as an option if the sender wants to use it
and is willing to take the additional DNS load.
 
-- 
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net

