Sections:
Home |
Featured Blogs |
News Briefs |
Industry Updates |
Topics |
Community
RSS Feeds, Email Updates, Mobile Edition and More: CircleID Extras
About: About CircleID | Media Coverage | CircleID Blog | Contact | Advertising Programs
Terms & Policies: Codes of Conduct | Privacy Policy | Terms of Use
RSS Feeds, Email Updates, Mobile Edition and More: CircleID Extras
About: About CircleID | Media Coverage | CircleID Blog | Contact | Advertising Programs
Terms & Policies: Codes of Conduct | Privacy Policy | Terms of Use
Copyright © 2002-2008 CircleID.
Iomemo Inc.
All rights reserved unless where otherwise noted.
Local Time: Monday, October 13, 2008 07:57 AM PDT – Page Load: 0.2365 Sec.
Local Time: Monday, October 13, 2008 07:57 AM PDT – Page Load: 0.2365 Sec.
Authentication without trust is a waste of time.
This was demonstrated by spam forming the majority of email passing SPF checks early in SPF life.
In the case of SPF some limited trust is/was indirectly provided by the DNS, to at least certify the ownership of the sending servers.
We are seeing interesting trend to a lot of our Spam email being from Google/AOL/Yahoo.
This I guess raises the issue of where trust should reside.
I think the large email providers must aim to push "trust" to the individual as their email servers are demonstrably sources of untrustworthy email. Sure I can trust these spam were sent by who claimed to send it, I have cryptographic proof, Yahoo are spamming me, great. I guess it might make automated abuse handling easier for Yahoo.
Transit authentication is a secondary issue. If OpenPGP/Mime were implemented widely, and all the (fake) emails from "support@paypal.com" came with a giant "this message isn't signed - or this message is forged - signs, people wouldn't send them in the first place.
The real issues here are I think;
Trust is expensive/difficult to manage.
We like to communicate with folk who aren't yet in our network of trust occasionally.
There are too many compromised machines out there.
Backward compatibility is seen as a must.
Challenge/Response could be implemented to reduce authenticated sender issue down to "prove you get email to the address you are sending from" before I accept. It is conceptually simple, but the antispam folk bitch about it because implementation transition would (they believe) be painful.
This approach works fine for certain IM networks who only allow buddies to chat, and ask the user whenever someone wants to be a buddy.
Sure authentication is the first step to trust - but trust is essential. Systems must demonstrate how they will provide and manage trust, before we go to the trouble of deploying authentication, otherwise we might deploy the wrong kind of authentication system.
Any authentication system not relying on cryptography (public key) is probably not worth implementing. Not because public key cryptography is a "silver bullet", but because the alternative technologies to rely on (like DNS lookup for SPF) are not yet secure enough for common purposes, and we would be encouraging the bad guys to attack the DNS, when I'd far rather they were pitched in a battle of wits with the mathematicians are the NSA (if it exists ;-), than me as a DNS administrator.
So I want trust, I want authentication, I want it per sender, I'd like it implemented in free software as well. Yes I already use GNUPG, but it provides a kind of trust network, it isn't that specifically focused on whether I trust someone to introduce a new email correspondent, and my email system doesn't yet reject emails which aren't correctly signed (and like DKIM some mailing lists mess it up), and not many people are using it (and the most common email client on the planet still hasn't implemented the relevant RFCs).
Simon that is the best comment I have read in a long time. Thank you.
>antispam folk bitch about it because implementation transition would (they
> believe) be painful
After 15 years of spam, I would take 1 year of pain if it meant the I would never have to deal with it again. I get disgusted when I think about how much time I have had to waste tweaking spam filter systems.
> Trust is expensive/difficult to manage.
I have been mulling this idea for a while now. This may seem elitist, but what if, to run a mail server you had to pay $500, for the privilege of registering their server with a trust authority Public Key server. The recipient server could verify the senders server before accepting email.
Tired of spam, only accept email from registered servers.
Spamming servers could have their keys revoked. This drives the cost of business up for everyone (slightly), but especially for spammers.
Most users use a providers server, as I spend more work time fighting SPAM, I gave up my home email server (too much work), and now use Google apps for my personal mailboxes.
There was a time before AOL and windows 95 popularized the internet, when there was a higher barrier to entry (technical, not financial). SPAM was not an issue then. As it got easier to connect, SPAM got worse.
We need to raise the barrier to entry on mail servers that we accept mail from.
The internet needs a cover charge.
Quite simply
Nice idea, except you don't even need a public key server, you can do the whole thing in DNS. This is exactly what we have already been offered by Spamhaus with its .mail sponsored TLD.
That idea withered on the vine some years ago.