[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] 6. Proposals - Challenge/response - CRI

To: asrg@ietf.org
Subject: Re: [Asrg] 6. Proposals - Challenge/response - CRI
From: Andrew Akehurst <A.D.Akehurst-99@student.lboro.ac.uk>
Date: Wed, 20 Aug 2003 09:48:40 +0100 (BST)
List-archive: <https://www1.ietf.org/mail-archive/working-groups/asrg/>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=unsubscribe>
Sender: asrg-admin@ietf.org
User-agent: IMP/PHP IMAP webmail program 2.2.8

Hello everyone

Some forwarded further reaction to the CRI proposal here from David.
I've had a few ideas myself over the past couple of days and I'll be
posting them shortly.

Thanks

Andrew

----- Forwarded message from david nicol <whatever@davidnicol.com> -----
>
> I think it's too complex and fiddles with too many preexisting
> protocols.
>
>
> Recently someone on the djbdns mailing list wrote an autoresponder
> to reply to the challenges that that mailing list sends out on every
> list posting.  Someone else forged messages from the autoresponder
> author's return address and the forged messages appeared on the
> list.  So the autoresponder in question was merely operating at
> level one and not level two of the three levels defined in the draft,
> which I found to be a good set of definitions.
>
> I am opposed to level three.  As computing power keeps increasing,
> as well as the availability of human brains, when properly organized,
> turing test systems become useless.
>
> I think a good thing to agree on might be an XML DTD for challenges
> and responses, which could be embedded into a human-readable
> challenge message that states the same thing as the XML challenge,
> for those users (initially everyone) who do not use a CRI-enabled
> MUA.
>
> What information would beed to be in there, to have level two
> functionality?  Last night I came up with what I believe is a
> workable set:
>
> 1: message-ID of the message in question.  Message-IDs are generated
> by the MUA (well they can be) and the MUA can remember which ones it
> generated.  Message-ID alone allows a valid Message-ID to be attached
> to an invalid message, so Message-ID is not sufficient.
>
> 2: MD5 hash of the body of the message.  By including this information,
> it is only possible to forge a message that was actually sent.
>
> 3: subject line.  It appears in the header, not the body, and it
> is good to include the subject line in human-readable forms.
>
>
> So when tom@example.com sends a message to abigail@example.net,
> the abigail's MUA might generate a challenge like follows and
> send it to tom before accepting tom's message (and perhaps
> caching tom's return address and the smtp server the message
> arrived from as valid and not warranting future challenges)
>
> envelope-return-address: abigail-cribounce@example.net
> evelope-recipient: tom@example.com
> X-Asrg-Cri-Status: Challenge
> Message-Id: <cri-challenge-...@example.net>
> From: <abigail@example.net>
> Date: ...
> Subject: Challenge re: Beans?
>
> This message is a challenge to verify that tom@example.com
> sent a message with subject line <<Beans?>> to
> abigail@example.net.
>
> If you sent the message in question, please forward this
> challenge message to abigail@example.net (replying to
> it should work)
>
> If you did not send the message and would like to report
> an abuse incident, please forward this challenge message
> to abusebot@example.net.
>
> The following XML block is included for people using
> CRI-enabled e-mail software.
>
> <challenge>
> <challengeid>847568276345.24958793287</challengeid>
> <messageid>oiuhgkjnetoij@example.com</messageid>
> <bodyhash>c5fb7d43ba68c638b75485220a3c3372</bodyhash>
> <subject>Beans?</subject>
> <forwardifgood>abigail@example.net</forwardifgood>
> <forwardifbad>abusebot@example.net</forwardifbad>
> </challenge>
>
> __END__
>
>
> I suppose this could all be done with headers instead of
> a block in the message body, but headers often get lost.
>
>
>
> I think the only really significant semantic suggestion I'm making
> is that a hash of the body of a message should be included to
> prevent forgeries of level-two systems.
>
>
> How would it interact with mailing lists?
>
> * the CRI-enabled MUA would have a way to turn off challenges for
> known-good sources (guest-list, known-good mailing lists) without
> presuming a source good simply due to the appearance of some header
> or other.
>
> * the CRI-enabled listserv would recognize the challenge as such
> (instead of as a bounce, assuming it is a VERPing listserv) and
> respond correctly, possibly using a to-be-defined extended
> syntax for declaring "I am a listserv! You can recognize traffic
> from me because it comes from 192.0.2.174 and it always contains
> a header "List-ID: giants-list@example.org"
>
>
>
>
>
>
> ps. the hash in the example is a hex MD5 hash of "fee fi fo fum!"
>
> David Nicol / If at first you don't succeed, use a bigger hammer.
>                                        http://gallaghersmash.com
----- End forwarded message -----

_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

Prev by Date: [Asrg] 4d. Consent Framework - Language for Consent
Next by Date: RE: [Asrg] 6. Proposals - Challenge/response - CRI
Previous by thread: RE: [Asrg] 6. Proposals - Challenge/response - CRI
Next by thread: Re: [Asrg] 6. Proposals - Challenge/response - CRI
Index(es):
- Date
- Thread