Re: [Asrg] Proven solution for authenticating messages

Prasenjeet Dutta <bulk@chaoszone.org> Tue, 04 March 2003 07:20 UTC

Message-ID: <3E6453B9.2080905@chaoszone.org>
From: Prasenjeet Dutta <bulk@chaoszone.org>
To: asrg@ietf.org
CC: mike.pearson@ssc.govt.nz
Subject: Re: [Asrg] Proven solution for authenticating messages
References: <7B170C5E4008D311ABB70008C7D3825B03BC340E@saison.ssc.govt.nz> <20030303213350.GA13559@danisch.de>
In-Reply-To: <20030303213350.GA13559@danisch.de>
Date: Tue, 04 Mar 2003 12:50:25 +0530

Hadmut Danisch wrote:

> - Almost the same could be achieved by simply using the
>   STARTTLS command of ESMTP. Our rackland server is configured
>   to use it, but a view on the log files shows that extremely
>   few other servers support this.
>
>   Why not simply use TLS if it already exists and is implemented? 
>   Because people refuse to use it.

It could also be because most PKI infrastructure is based on the X.509 
model, which (though scalable) requires folk needing a certificate to 
cough up cash to CAs like Verisign. Also, for secure personal 
communication (as opposed to electronic commerce), PGP has been arguably 
far more popular than S/MIME. Especially given its free, bottom-up 'web 
of trust' model, PGP may well succeed where the top-down X.509 has not.

Again, what is the goal of using TLS for email? Securing the messages? 
That opens up a new battle with the monitoring agencies. Or is it (from 
the anti-spam point of view) to let SMTP servers non-repudiably identify 
themselves? If this is the goal, then it can be done with far less 
overhead than TLS.

Digital signatures inserted by the *server* (not by the user, who should 
not have to bother with the complexity of this) to identify *itself*, 
using an RFC 2440 infrastructure, may be more successful in making 
individual SMTP servers identifiable and accountable for what they spew 
onto the Internet. Consider this fragment:

O:  Received: from localhost by europa
O:    (Exim version 3.12 #1); Wed, 22 Jan 2003 07:10:06
O:  Origin-Server-Identity: public-key;
O:	europa.uri.com (12.10.58.222)
O:  Origin-Server-Key: <mailto:osk+europa@uri.com>
O:  Origin-Server-Signature: rfc2440; encoding=base64
O:	iQA/AwUAPi2tY1VioDO/jwwhEQIyrACg6HYQDh+ynXbfqSp+4hF3kfb6zQIAnRYN
O:	Ca1gPsBiRizLdYbtci4yVJRziQA/AwUAPi2tY1VioDO/jwwhEQIyrACg6HYQDh+y
O:	nXbfqSp+4hF3kfb6zQIAnRYNCa1gPsBiRizLdYbtci4yVJRz
O:	=1cuV
O:  Message-ID: <002b01c2c1b7$30889ab0$1c01010a@europa>

Here, the Origin-Server-Identity and Origin-Server-Key are signed and the 
signature is placed inline in the Origin-Server-Signature header. This 
signature can even be created offline as a one-time affair. The 
recipient server (or a plug-in within it) would have to compare the 
stated origin server name/IP address with the actual server name/IP 
address, and check if the key is trusted, as well as for revocation.

The best part is, given modern mail servers and their ability to run 
plug-ins, all of this is doable without any change to existing MTAs. No 
change is required to MUAs or users' email habits either.


-- 
Prasenjeet Dutta
http://www.chaoszone.org/
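
Added example, not part of the original message and not code from its author: a sketch of the recipient-side checks the message describes (stated IP against the connecting peer, key trust, revocation, then the signature) applied to the proposed Origin-Server-* headers. Assumptions: the layout of the signed bytes, the trusted and revoked sets, the verify_sig hook, and the placeholder signature value; the server-name comparison is left out because it needs a DNS lookup.

```python
import re
from email import message_from_string

# Constructed sample: header names and identity values as in the post's fragment;
# the signature value is a placeholder, not a real OpenPGP signature.
SAMPLE = """\
Received: from localhost by europa
  (Exim version 3.12 #1); Wed, 22 Jan 2003 07:10:06
Origin-Server-Identity: public-key;
\teuropa.uri.com (12.10.58.222)
Origin-Server-Key: <mailto:osk+europa@uri.com>
Origin-Server-Signature: rfc2440; encoding=base64
\tPLACEHOLDERSIG==

body
"""

def parse_origin(raw):
    """Unfold the headers; return stated host, IP, key locator and signature."""
    msg = message_from_string(raw)
    ident = " ".join(msg["Origin-Server-Identity"].split())
    m = re.fullmatch(r"public-key; ?(\S+) ?\((\d+(?:\.\d+){3})\)", ident)
    if not m:
        raise ValueError("malformed Origin-Server-Identity")
    key = msg["Origin-Server-Key"].strip().strip("<>")
    sig = "".join(msg["Origin-Server-Signature"].split()[2:])
    return {"host": m.group(1), "ip": m.group(2), "key": key, "sig": sig}

def demo_verify(key, signed, sig):
    """Stand-in for a real OpenPGP verifier (hypothetical hook); no cryptography here."""
    return sig == "PLACEHOLDERSIG=="

def check_origin(raw, peer_ip, trusted, revoked, verify_sig=demo_verify):
    """Apply the recipient-side checks from the post; return (accepted, reason)."""
    try:
        o = parse_origin(raw)
    except (AttributeError, ValueError):   # header absent or malformed
        return False, "missing or malformed origin headers"
    # A signature made once offline can be copied into any message, so the
    # comparison with the actual connecting address is what ties it to the sender.
    if o["ip"] != peer_ip:
        return False, "stated IP does not match connecting peer"
    if o["key"] in revoked:
        return False, "key revoked"
    if o["key"] not in trusted:
        return False, "key not trusted"
    signed = f'{o["host"]} ({o["ip"]})\n{o["key"]}'.encode()  # assumed layout
    if not verify_sig(o["key"], signed, o["sig"]):
        return False, "bad signature"
    return True, "ok"
```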


