Re: [Asrg] seeking comments on new RMX article

J C Lawrence <claw@kanga.nu> Tue, 06 May 2003 23:49 UTC

To: Michael Rubel <asrg@mikerubel.org>
cc: "Eric D. Williams" <eric@infobro.com>, "asrg@ietf.org" <asrg@ietf.org>
Subject: Re: [Asrg] seeking comments on new RMX article
In-Reply-To: Message from Michael Rubel <asrg@mikerubel.org> of "Tue, 06 May 2003 12:10:21 PDT." <Pine.LNX.4.44.0305061204030.26063-100000@entropy.galcit.caltech.edu>
References: <Pine.LNX.4.44.0305061204030.26063-100000@entropy.galcit.caltech.edu>
Message-ID: <12558.1052264973@kanga.nu>
From: J C Lawrence <claw@kanga.nu>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
Date: Tue, 06 May 2003 16:49:33 -0700

On Tue, 6 May 2003 12:10:21 -0700 (PDT) 
Michael Rubel <asrg@mikerubel.org> wrote:

>> BoxA is compromised.
 
>> The zombie code sucks in a spamming engine (SE).
 
>> The SE determines the mail configuration of BoxA in terms of
>> appropriate SMTP envelope etc from the registry.
 
>> BoxA spams away using the stolen credentials from its registry.

> Thank you--you've raised a reasonable, cogent objection.

Nope, there's nothing in there specific to RMX; RMX just prompted some
mental noodling which ended up with me doing some arm waving at future
attack vectors.  RMX is broken for simpler reasons, which have been well
covered without my help.

> As you note, RMX would not help against this kind of attack, and
> frankly neither would any other proposal I'm aware of.  If I can trick
> your machine into thinking I'm you, then I can do bad things in your
> name and thus make you look bad.

Quite.  As I noted at the time, this is a core problem with edge
authentication schema, and isn't necessarily resolvable.

> I submit that RMX gives a significant improvement, and it's just
> simple/easy enough that people might start using it!

Deployment expenses with RMX are a significant problem, as are the ROI
curves related to percentage deployments and fundamental email use
costs.  You can arm-wave technical solutions at them, but they merely
increase the deployment, support, and maintenance costs for a negative
ROI on the part of the deployer.  You are attempting to recreate
top-down authority structures when the natural (and proper?) tendency of
the field in normal legitimate use is for
self-authenticating/identifying nodes, not external nomination systems.

<shrug>

Now, can we move on to digging out a proposal which has a chance of
being useful instead of beating dead horses?  

-- 
J C Lawrence                
---------(*)                Satan, oscillate my metallic sonatas. 
claw@kanga.nu               He lived as a devil, eh?		  
http://www.kanga.nu/~claw/  Evil is a name of a foeman, as I live.