mail-ng
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: list of user-visible goals

2004-02-06 09:00:11
from [Hadmut Danisch] [Permanent Link] 

Hi Ian,
G'Day Mate, 

On Fri, Feb 06, 2004 at 07:37:55PM +1000, Ian Peter wrote:



Is that really a matter of the "email" mechanism or just of the
transported content?


I think it needs to be addressed by the "email" mechanism, because if
the medium is unsecure, unreliable, untrustworthy, can make false
address claims, or be redirected to somewhere I don't intend it to go
(to give a few examples) email cannot be readily used for secure
purposes.



You should urgently distinguish between the several layers of
communication. I usually use a layer model quite similar to the 
ISO layer model, but mapped to TCP/IP services, where every layer 
can have it's own security mechanism, e.g. for e-mail:

1 Physical                            Physical Protection
2 Data Link                           Switch/Media encryption
3 Network       IPv4/v6               IPSEC
4 Transport     TCP                   SSL
5 Session       SMTP                  ?
6 Presentation  RFC822                S/MIME
7 Application   MailReader            PGP


It sh/could be a task of mail-ng to fill the gap at the '?'. 
But this does not mean, that every protection needs to be 
at the mail protocol layer (5). Each layer's security mechanism
is limited to the lifetime of the transport mechanism. E.g.
IPSEC might live from router to router only, SSL from Mail-relay
to Mail-relay. And Mail protocol security would last from sender to
receiver, but not any longer.

Especially for financial transactions you definitely need a security
mechanism that lasts longer than just for the transport. This means
that financial transactions require security layers above layer 
7 which survive the transport in space and do last in time. 
They need a transport independent protocol such as HBCI, which 
is an apropriate protocol for such purposes. It must not depend on the 
security of the underlying transport mechanism, including anything
what has to do with e-mail transport, and thus financial transactions
must be beyond the scope of a mail transport mechanism. 

However, this does not mean to not fill the gap at the '?', it
just means that financial transactions are not the fitting example. 

Spam protection is a good example for a mechanism placed at the 
'?'.




Brisbane 4000 Australia


... I love Brizzy and I do miss bending the Bananas...


regards
Hadmut
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: list of user-visible goals, Iljitsch van Beijnum
Next by Date:  Email address mobility, Jochen Topf
Previous by Thread:  RE: list of user-visible goals, Ian Peter
Next by Thread:  RE: list of user-visible goals, Victor Engmark
Indexes:  [Date] [Thread] [Top] [All Lists]