Re: ] Replay attacks and ISP business models



On Aug 5, 2005, at 9:35 AM, Andrew Newton wrote:

On Aug 3, 2005, at 6:38 PM, Tony Finch wrote:
One thing that hasn't been mentioned yet is the idea of "soft"defencesagainst replay attacks. For example, a suitable reputation orrevocationservice could include a rate-limiting system, so that as well aspass andfail they could return an intermediate result that would translateinto anSMTP 450 response. This could be used to slow down a bulk mailinguntil it
becomes clear whether it's good or bad.
Zombies spreading the load around to different points of injectioncould get around these "soft" defenses. And given the lack ofclarity in being able to describe the problem we are trying to getDKIM to solve (as witnessed in the BoF), I find relying on lesswell-defined mechanisms to shore up some of the issues with DKIM tobe unpalatable and giving of an incomplete story to observers.
DKIM needs to have a good story regarding defense of replay.However, I'm now less convinced of Doug's revocation ID idea. Italmost seems that replay can be detected just by monitoring thenumber of queries against a user key. This would be especiallytrue if the other key retrieval methods are used for user keying.

The use of the DNS query would provide some warning especially withrespect to the revocation-identifier. There would be much less todifferentiate abuse with a common key on a large domain. I assumeyou are suggesting that per-user keys would be a solution for largedomains, which seems to be a reason you now indicate DKIMspecifically protects the mailbox address. While this could beattempted, it would not be always true. When this is true or nottrue would not be apparent. I would say it is safer to declare thatDKIM provides an accountable domain. Yes, key servers would bettersupport per-user keys. Will DKIM get per-user keys off the ground.Is that the goal of DKIM?

I would also say that for DKIM to have a benefit, finding anaccountable domain is not enough. This domain must be able to takepositive action to stop abuse. This was the idea behind therevocation-identifier.


-Doug

<Prev in Thread]	Current Thread	[Next in Thread>
] Replay attacks and ISP business models, Sam Hartman Re: ] Replay attacks and ISP business models, Jim Fenton Re: ] Replay attacks and ISP business models, william(at)elan.net Re: ] Replay attacks and ISP business models, Tony Finch Re: ] Replay attacks and ISP business models, Andrew Newton Re: ] Replay attacks and ISP business models, william(at)elan.net Re: ] Replay attacks and ISP business models, Tony Finch Re: ] Replay attacks and ISP business models, william(at)elan.net Re: ] Replay attacks and ISP business models, Michael Thomas Re: ] Replay attacks and ISP business models, Douglas Otis Re: ] Replay attacks and ISP business models, Douglas Otis <= Re: Replay attacks and ISP business models, John Levine Re: Replay attacks and ISP business models, Andrew Newton Re: Replay attacks and ISP business models, John R Levine Re: Replay attacks and ISP business models, wayne Re: Replay attacks, what's that?, John Levine [ietf-dkim] Re: Replay attacks, what's that?, Douglas Otis Re: [ietf-dkim] Re: Replay attacks, what's that?, Tony Finch Re: [ietf-dkim] Re: Replay attacks, what's that?, Douglas Otis Re: Replay attacks and ISP business models, Andrew Newton Re: Replay attacks and ISP business models, John R Levine

Previous by Date:	Moving DKIM standardization discussion to ietf-dkim(_at_)mipassoc(_dot_)org, Dave Crocker
Next by Date:	Re: DKIM Verification Algorithm, Jim Fenton
Previous by Thread:	Re: ] Replay attacks and ISP business models, Douglas Otis
Next by Thread:	Re: Replay attacks and ISP business models, John Levine
Indexes:	[Date] [Thread] [Top] [All Lists]