
Re: [Asrg] E-mail Postmarks



On Tue, 8 Jun 2004, Eric A. Hall wrote:

One place where sigs might be handy is in an organization to have lots
of subdomains.

One other area of importance/consideration here is that third-party trust-broker services become more important once you get into the whole world self-signing everything.

Verisign and other certificate authorities provide only what can possibly be described as accreditation (i.e. they confirm the claim of the registrant that this entity exists); the good thing about them, however, is that since there are few root CAs, they can be distributed to MTAs, and that means there is no necessity to get a public key to verify the cert for each email (although regular updates of CRLs are still necessary and would need to be done on at least a daily basis).

Taken to logical extreme (eg, wide-scale deployment), bringing some kind of hierarchy back into the system starts looking good, and trust-brokers can provide a logical hierarchy even if they don't provide the actual hierarchy as with current CAs.

Trust is something separate and different, this is like a reputation service, and possibly in the future some existing or new certificate authorities (hopefully all of them!) would actually revoke certificates from spammers.

In my view what is described above as "trust brokers" would be an alternative to a centralized reputation service, where other mail operators can provide a certain level of trust and reputation confirmation to each other. This can work if we do something like PGP and have keyservers verify if there exists a chain of trust from sender to recipient mail server that is no longer than "n" levels deep.


Additional parameters such as "degree of trust" might possibly exist that an operator may enter when they sign somebody else's certificate. From what I remember from combinatorics math courses, this would become equivalent to the best path problem in a complex multi-node graph, and this problem has been well studied; unfortunately it also has serious scalability issues if the number of nodes in the graph is more then then thousand. Note that PGP keyservers currently have over 2 million keys, with those of them signed by somebody else accounting for 400,000. If we do this on the MTA level we'll likely reach similar numbers, and I'm not certain that keyservers would be capable of answering the best path problem given constraints such that you'd expect an answer in a fraction of a second so as not to introduce extra delay in mail processing.


---
William Leibzon
william at completewhois.com
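
The depth-limited chain-of-trust lookup discussed in the message above, as an added example that is not part of the original post or of any keyserver's code. The domain names and degrees are constructed, and multiplying the "degree of trust" values along a chain is an assumption made for this sketch.

```python
# Constructed sample data: signer -> {signed domain: degree of trust in (0, 1]}.
SIGNATURES = {
    "mx.recipient.example": {"isp-a.example": 0.9, "isp-b.example": 0.5},
    "isp-a.example": {"isp-c.example": 0.8},
    "isp-b.example": {"sender.example": 0.9},
    "isp-c.example": {"hosting.example": 0.9},
    "hosting.example": {"sender.example": 1.0},
}


def best_trust_chain(signatures, verifier, sender, max_depth):
    """Return (trust, chain) for the strongest chain of at most max_depth
    signatures leading from verifier to sender, or (0.0, None) if none exists.
    Assumption: trust along a chain is the product of its degrees."""
    # best[node] = (trust, chain) reachable with the signatures allowed so far.
    best = {verifier: (1.0, [verifier])}
    for _ in range(max_depth):
        nxt = dict(best)
        # Relax only from the previous round, so each round adds one level.
        for signer, (trust, chain) in best.items():
            for signee, degree in signatures.get(signer, {}).items():
                if not 0.0 < degree <= 1.0:
                    raise ValueError(f"bad degree {degree}: {signer} -> {signee}")
                cand = trust * degree
                # Strict '>' means signature cycles can never improve a result.
                if cand > nxt.get(signee, (0.0, None))[0]:
                    nxt[signee] = (cand, chain + [signee])
        if nxt == best:  # nothing new became reachable or stronger
            break
        best = nxt
    return best.get(sender, (0.0, None))


if __name__ == "__main__":
    for n in (1, 2, 4):
        print(n, best_trust_chain(SIGNATURES, "mx.recipient.example",
                                  "sender.example", n))
```

Each round scans every signature made by a domain reached so far, so the work for one lookup grows with the depth limit times the number of signatures in the graph.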
