spf-discuss

Re: Why not just use S/MIME or GPG signatures?

2003-10-08 21:23:54
Matthew wrote:

        1) domain.com uses a self generated private key to sign each
message that originates at one of its MTAs.  The signature might
include: the from address, the to address, the subject of the
message, a hash of the message body (and more?).  The signature would
be added to the message as a header.

This is pretty much what GPG and S/MIME already do, if you consider the protected "from" address to be the email address on the public key, not the From address on the message (which the signature obsoletes anyway.)


        2) domain.com uses DNS TXT records to publish the URL from
which its public key(s) can be downloaded.

        Such a system, which operates only at the endpoints, allows
the receiving MTA to verify that signed messages are valid, no matter
how many times they have been forwarded.  This prevents forged from
headers and allows whitelist and blacklisting at the domain level.

Yes, you can certainly publish the keys or even set up your own private, alternative PKI hierarchy, but this is not strictly necessary. Many email users have a relatively static white list, so simply including the keys in the signatures and caching them at the receiver the first time they're seen (as Mozilla Mail does with S/MIME) would permit them to automatically verify all future mail from those senders. No elaborate certificate hierarchy or key publication scheme is needed.

This was the brilliant insight behind SSH -- that all (or nearly all) of the benefits of public key cryptography can be had for many important applications without a formal PKI. And it's the formal PKI that ordinarily makes public key cryptography so complicated and creates choke-points and opportunities for monopolistic abuse by companies like Verisign.

Phil

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature
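
The first-seen key caching described in the reply above, as an added example (not part of the original message, and not Mozilla Mail's or SSH's code). The class and method names are hypothetical, the key bytes are constructed, and the signature check itself is assumed to be done by an existing S/MIME or GPG verifier whose result is passed in as `signature_ok`.

```python
import hashlib
import hmac


class SenderKeyCache:
    """Trust-on-first-use cache of sender public keys (hypothetical helper)."""

    def __init__(self):
        self._pins = {}  # normalised sender address -> SHA-256 fingerprint (hex)

    @staticmethod
    def _norm(sender):
        # Assumption: addresses are compared case-insensitively.
        return sender.strip().lower()

    @staticmethod
    def fingerprint(public_key_bytes):
        return hashlib.sha256(public_key_bytes).hexdigest()

    def check(self, sender, public_key_bytes, signature_ok):
        """Return "invalid", "first-seen", "match" or "key-changed"."""
        if not signature_ok:
            return "invalid"          # never pin a key taken from a bad signature
        addr = self._norm(sender)
        fp = self.fingerprint(public_key_bytes)
        pinned = self._pins.get(addr)
        if pinned is None:
            self._pins[addr] = fp     # first contact is remembered, not authenticated
            return "first-seen"
        if hmac.compare_digest(pinned, fp):
            return "match"
        return "key-changed"          # old pin is kept until someone approves the change

    def repin(self, sender, public_key_bytes):
        """Accept a new key after it was confirmed out of band."""
        self._pins[self._norm(sender)] = self.fingerprint(public_key_bytes)


def demo():
    cache = SenderKeyCache()
    key_a = b"constructed-public-key-A"   # constructed sample values
    key_b = b"constructed-public-key-B"
    return [
        cache.check("phil@example.org", key_a, True),   # first message from sender
        cache.check("Phil@Example.org", key_a, True),   # same key seen again
        cache.check("phil@example.org", key_b, True),   # different key, same sender
        cache.check("new@example.org", key_b, False),   # bad signature, nothing pinned
        cache.check("new@example.org", key_b, True),
    ]
```

As with SSH host keys, the cache authenticates nothing on first contact; its value is that a later key change for a known sender is surfaced instead of silently accepted.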