[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] 6. Proposals - DNS + PKI - Yahoo's "Domain Keys"

To: Hector Santos <winserver.support@winserver.com>
Subject: Re: [Asrg] 6. Proposals - DNS + PKI - Yahoo's "Domain Keys"
From: Yakov Shafranovich <research@solidmatrix.com>
Date: Tue, 09 Dec 2003 00:10:26 -0500
Cc: asrg@ietf.org
In-reply-to: <003901c3be0f$c59a0c60$6401a8c0@FAMILY>
List-archive: <https://www1.ietf.org/mail-archive/working-groups/asrg/>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=unsubscribe>
Organization: SolidMatrix Technologies, Inc.
References: <20031208183344.1857A16CD1@mail.nitros9.org><3FD4E090.8000808@solidmatrix.com> <000701c3bdf9$d856cf20$6401a8c0@FAMILY><3FD54812.1040503@solidmatrix.com> <003901c3be0f$c59a0c60$6401a8c0@FAMILY>
Sender: asrg-admin@ietf.org
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.5)Gecko/20031007

Hector Santos wrote:
[..]

I presumed you are privy to any time line information? Yahoo does say early
2004.

[..]

Nope, I am just as clueless about the time line as everyone else is.

[..]

No "KEY" from a YAHOO return path message:

         What steps should a SMTP server take?

Or is what YAHOO is telling the world that starting in 2004,  any message
that does not have a private key, should not be trusted?  Plain and simple?
Then as you mentioned, we are left with possible forgery issues.

[..]

I would venture to say that for domains that DO have the public key in DNS, any email originating from any other SMTP server with that domain as the "From" address inside the message, and not signed, can be rejected or given higher score in Spam Assassin. This of course would be a problem for users that use a different SMTP server to relay email, unless private keys are shared.

Therefore, this proposal would give immidaete benefit for those sites that utilize it, by reducing "joe jobs" forging that domain, and it will not require the entire Internet to adopt it on the sender's end unless they want to use it. This is similar to LMAP in that respect, but does present more overhead.

The key to any successful technology is to tell the SMTP receiver not to
take any further action or minimum action on validating a transaction and it
needs to be done before DATA is received.

Since this proposal signs messages themselves that are transfered within the DATA command, this cannot be done before the DATA command. Therefore, unlike LMAP proposals it cannot be used at the MAIL FROM point.

Yakov
-------
Yakov Shafranovich / asrg <at> shaftek.org
SolidMatrix Technologies, Inc. / research <at> solidmatrix.com
"I ate your Web page. / Forgive me. It was juicy / And tart on my tongue." (MIT's 404 Message)
-------

_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

Follow-Ups:
- Re: [Asrg] 6. Proposals - DNS + PKI - Yahoo's "Domain Keys"
  - From: Hector Santos
- Re: [Asrg] 6. Proposals - DNS + PKI - Yahoo's "Domain Keys"
  - From: Jon Kyme

References:
- Re: [Asrg] 6. Proposals - DNS + PKI - Yahoo's "Domain Keys"
  - From: Alan DeKok
- Re: [Asrg] 6. Proposals - DNS + PKI - Yahoo's "Domain Keys"
  - From: Yakov Shafranovich
- Re: [Asrg] 6. Proposals - DNS + PKI - Yahoo's "Domain Keys"
  - From: Hector Santos
- Re: [Asrg] 6. Proposals - DNS + PKI - Yahoo's "Domain Keys"
  - From: Yakov Shafranovich
- Re: [Asrg] 6. Proposals - DNS + PKI - Yahoo's "Domain Keys"
  - From: Hector Santos

Prev by Date: Re: [Asrg] 6. Proposals - DNS + PKI - Yahoo's "Domain Keys"
Next by Date: Re: [Asrg] 6. Proposals - DNS + PKI - Yahoo's "Domain Keys"]
Previous by thread: Re: [Asrg] 6. Proposals - DNS + PKI - Yahoo's "Domain Keys"
Next by thread: Re: [Asrg] 6. Proposals - DNS + PKI - Yahoo's "Domain Keys"
Index(es):
- Date
- Thread