Matthew wrote:
1) domain.com uses a self generated private key to sign each
message that originates at one of its MTA.
On Wed, Oct 08, 2003 at 09:23:54PM -0700, Phil Karn wrote:
This is pretty much what GPG and S/MIME already do, if you consider the
protected "from" address to be the email address on the public key, not
the From address on the message (which the signature obsoletes anyway.)
Some important differences between what I propose and what
(AFAIK) GPG and S/MIME:
* the getting a signed cert with a protected "from" address
introduces the question of which Certificate Authorities do you trust?
how much do you trust them? and hom much to they cost?
The system I propose vest authority in the domain owners
ability to control DNS, rather than the cooperation of Certificate
Authorities.
* GPG and S/MIME operate at the email client (is it called
MUA? "mail user agent"?) level, not the MTA level. It is much easier
to roll out new technologies at the MTA level, because you don't have
to train every user how to use them. You only have to train the mail
admististrators, and they are technically much more savvy.
* S/MIME (and GPG?) modify the message body. S/MIME adds an
attachement. I think GPG either adds an attachment or writes the
signature in the body of the message.
Yes, you can certainly publish the keys or even set up your own private,
alternative PKI hierarchy, but this is not strictly necessary.
It _is_ indeed necessary if you want to fight forged From
headers on an efficient systematic basis, rather than on a one
whitelist entry at a time basis.
Both SPF and my proposal have value in the absence of a
whitelist. If you have a whitelist, and you don't want to communicate
with people who are not on your whitelist, then why do you need
anything else? I do not understand why you would need anything more.
This was the brilliant insight behind SSH -- that all (or nearly
all) of the benefits of public key cryptography can be had for many
important applications without a formal PKI.
But the SSH to email parallel you are trying to establish does
not hold, for the following reasons:
1) the first time you use SSH connect to a new server, you
have no way of knowing if someone is launching a man in the middle
attack. Spammers only need to connect to you that first time to
deliver spam.
2) You connect to remote servers with SSH. But spammers
connect to your server.
3) The servers you connect to either have set DNS hostnames,
or set IP addresses. Email has neither. Any email can be sent from
any IP address with SMTP.
And it's the formal PKI that ordinarily makes public key
cryptography so complicated and creates choke-points and
opportunities for monopolistic abuse by companies like Verisign.
I agree with you. The solution I proposed uses self-signed
certificates (or plain private-public key pairs). There is no
reliance on certificate authorities. Instead, we rely on the near
certainty that a domain owners will be able to control which public
keys are distributed via DNS on behalf of the domains he/she owns.
-Matthew.
______________________________________________________________________
matthew(_at_)syrah(_dot_)us
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#�«Mo\¯HÝÜîU;±¤Ö¤Íµø�?¡