ietf
[Top] [All Lists]

Re: Certificate / CPS issues

2003-06-06 14:36:52
At 12:40 06/06/03 -0700, Einar Stefferud wrote:
OK, so what happens when someone else uses my address, perhaps using
my passport, captured from some mail sent by me to someone?

I think the term of art is "being Joe Jobbed".

Every now and then,  I get a bounced report that claims something I sent
is being returned, but it was not sent by me.  This "something" is most
often spam sent to someone else.  Sometimes it contains a virus.
Apparently this  is a trick to get me to open it.

I see a couple of differences: re-using someone's email address is easy ... I've had a flurry of 'bounces' recently for messages I certainly did not send. But the information to send those (deceitful) messages is very easily obtained.

By putting some of the information behind a cryptrographic screen, it becomes harder for others to casually use it.

And if security is compromised, then the cert gets revoked and the genuine owner has to buy another one. Hey, don't we occasionally lose theatre tickets? Tough, but not disastrous -- we just have to buy another one.

Anyway, I think your Passport Scheme needs some more work.

I'm sure it does!

#g
--

At 11:50 +0100 6/6/03, Graham Klyne wrote:
>At 12:12 05/06/03 -0700, Hallam-Baker, Phillip wrote:
>>A spam sender could attempt to use disposable certificates in the same way
>>that IP addresses and dialup accounts are considered disposable. This is
>>unlikely to work for long, the spam sender can set up lots of shell
>>companies at the same address but if the CA keeps authenticating to the same
>>address or phone number the pattern will soon become apparent.
>
>Hmmm... is there an economic play here?
>
><background>
>First, briefly, my view of the spam situation. I don't think it's fundamentally an Internet protocol design issue (though some design tweaks may help). Essentially, I think people currently have the choice of
>(1) putting filters in place and accept the loss of some non-spam mail, or
>(2) accepting a deluge of spam, and not lose any mail. In practice, I think this option doesn't exist, because I find that (lacking spam filters) I do lose a few pieces of non-spam mail because I don't recognize the sender or subject. So I see a way forward to be a "passport" mechanism to reliably bypass automated spam filters, a kind of whitelist++.
></background>
>
>So back to my question: is there an economic play here?
>
>(I was offered the opinion once that a big *disadvantage* of email compared with fax for business transactions was that it has almost zero incremental cost of use.)
>
>I'm thinking of a cert issued for a small sum of money, without any authentication other than the purchaser promises something like "I promise not to spam with this certificate". At the earliest evidence of it being used for spamming, it is revoked. The price should be small enough to be accessible to any reasonable person, but high enough that the bill for daily or hourly renewal would become significant.
>
>Maybe crazy, just thinking aloud...
>
>#g
>
>
>-------------------
>Graham Klyne
><GK(_at_)NineByNine(_dot_)org>
>PGP: 0FAA 69FF C083 000B A2E9  A131 01B9 1C7A DBCA CB5E

-------------------
Graham Klyne
<GK(_at_)NineByNine(_dot_)org>
PGP: 0FAA 69FF C083 000B A2E9  A131 01B9 1C7A DBCA CB5E




<Prev in Thread] Current Thread [Next in Thread>