Presentation is loading. Please wait.

Presentation is loading. Please wait.

Proposal for a Pilot Project: Using DKIM to Create a Email Trust Channel Dave Crocker Brandenburg InternetWorking bbiw.net Dave Crocker Brandenburg InternetWorking.

Published byRobin Bastow Modified over 10 years ago

Similar presentations

Presentation on theme: "Proposal for a Pilot Project: Using DKIM to Create a Email Trust Channel Dave Crocker Brandenburg InternetWorking bbiw.net Dave Crocker Brandenburg InternetWorking."— Presentation transcript:

1 Proposal for a Pilot Project: Using DKIM to Create a Email Trust Channel Dave Crocker Brandenburg InternetWorking bbiw.net Dave Crocker Brandenburg InternetWorking bbiw.net

2 2 2 © 2008, D. Crocker RoadmapRoadmap Trust with domain names: Why do DKIM? DKIM authentication basics Reputation layer above signature layer A modest publishing proposal Trust with domain names: Why do DKIM? DKIM authentication basics Reputation layer above signature layer A modest publishing proposal

3 3 3 © 2008, D. Crocker Reputation Using IP vs. Domain IP Pros Can be at SMTP time Lots of existing practice High granularity Cons Dynamic Not portable Shared among senders Tied to machine, not org.IP Pros Can be at SMTP time Lots of existing practice High granularity Cons Dynamic Not portable Shared among senders Tied to machine, not org. Domain Names Pros Aligns better with org Long-term stability Less long-term admin Can be delegated Cons Must wait for message header to be transmitted More complex software

4 4 4 © 2008, D. Crocker Mistrust and Trust are Different Mistrust Actor is typically hidden and unaccountable Look for bad behavior Heuristic results – with false positives Trust Actor is accountable and collaborative Presumes good intent Problems are errors, not abuse Mistrust Actor is typically hidden and unaccountable Look for bad behavior Heuristic results – with false positives Trust Actor is accountable and collaborative Presumes good intent Problems are errors, not abuse

5 5 5 © 2008, D. Crocker Trust is a separate channel FilterFilter FilterFilter FilterFilter Mistrust Trust Mistrust versus…

6 6 6 © 2008, D. Crocker DKIM – Identify a Responsible Party Goals Compatible/transparent with existing infrastructure Minimal new infrastructure Implemented independently of MUA clients Deployed incrementally Permit delegation of signing to third parties (non-authors)Goals Compatible/transparent with existing infrastructure Minimal new infrastructure Implemented independently of MUA clients Deployed incrementally Permit delegation of signing to third parties (non-authors) Non-Goals No assertions about behaviors of signing identity Not directions to receivers No protection after signature verification. No re-play protection Transit intermediary or a recipient can re-post the message http://dkim.org/specs/draft-ietf-dkim-overview-10.html

7 7 7 © 2008, D. Crocker DKIM Core Technology – RFC 4871 Authenticated identity DKIM-specific parameter From:, Sender:, intermediary, mailing list, other… Authentication mechanism Cryptographic signing Signer chooses header fields to include [+ body] DNS query mechanism Identity + selector defines query string Produces public key Authenticated identity DKIM-specific parameter From:, Sender:, intermediary, mailing list, other… Authentication mechanism Cryptographic signing Signer chooses header fields to include [+ body] DNS query mechanism Identity + selector defines query string Produces public key Effort to add to origination Private key Signing module Effort to add to reception Public key Validation module Limitations Minimal robustness against mailing lists Relaying can break signature

8 8 8 © 2008, D. Crocker Sample DKIM Signed Message Received: from mercury.example.net (HELO mercury.example.net) ([192.168.1.1]) by mail.example.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 01 Oct 2008 17:11:15 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=example.net; s=dorrington; t=1222881075; bh=HOVyUZdDUFeesnM3UIalZgPhdeJQS6N061IKw s=dorrington; t=1222881075; bh=HOVyUZdDUFeesnM3UIalZgPhdeJQS6N061IKw 7iUjZ4=; h=Message-ID:Date:From:MIME-Version:To:Subject: 7iUjZ4=; h=Message-ID:Date:From:MIME-Version:To:Subject: Content-Type:Content-Transfer-Encoding; b=kp3vRZo7CiYpOz8lQtlOTZ+W Gl+Cd+te3KPLzFVopncaLnmfyNE0XToxOqSo9FZFz7an9B25gxfjZpZ80LpXmaZmtxx tikwSp0gdDJOWHUtGD2zs1osjDbRKT6KyNYb7 Message-ID: Date: Wed, 01 Oct 2008 10:11:10 -0700 From: Alice Smith MIME-Version: 1.0 To: Bob Brown Subject: Tomorrow's meeting Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Authentication-Results: mail.example.com; header.From=alice@example.net; dkim=pass ( sig from example.net/dorrington verified; ); sig from example.net/dorrington verified; ); Bob, Received: from mercury.example.net (HELO mercury.example.net) ([192.168.1.1]) by mail.example.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 01 Oct 2008 17:11:15 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=example.net; s=dorrington; t=1222881075; bh=HOVyUZdDUFeesnM3UIalZgPhdeJQS6N061IKw s=dorrington; t=1222881075; bh=HOVyUZdDUFeesnM3UIalZgPhdeJQS6N061IKw 7iUjZ4=; h=Message-ID:Date:From:MIME-Version:To:Subject: 7iUjZ4=; h=Message-ID:Date:From:MIME-Version:To:Subject: Content-Type:Content-Transfer-Encoding; b=kp3vRZo7CiYpOz8lQtlOTZ+W Gl+Cd+te3KPLzFVopncaLnmfyNE0XToxOqSo9FZFz7an9B25gxfjZpZ80LpXmaZmtxx tikwSp0gdDJOWHUtGD2zs1osjDbRKT6KyNYb7 Message-ID: Date: Wed, 01 Oct 2008 10:11:10 -0700 From: Alice Smith MIME-Version: 1.0 To: Bob Brown Subject: Tomorrow's meeting Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Authentication-Results: mail.example.com; header.From=alice@example.net; dkim=pass ( sig from example.net/dorrington verified; ); sig from example.net/dorrington verified; ); Bob,

9 9 9 © 2008, D. Crocker StatusStatus dkim.org/#deployment 20(!) at interop event 18 software; 5 service Steady adoption rate Relatively minor early- stage rough edges Some confusion about identity to evaluate DKIM has two identity parameters (d= and I=) dkim.org/#deployment 20(!) at interop event 18 software; 5 service Steady adoption rate Relatively minor early- stage rough edges Some confusion about identity to evaluate DKIM has two identity parameters (d= and I=) Further work ADSP – publish signing practices to detect messages that should be signed Authentication-Results – header from signature validator to identity assessor …

10 10 © 2008, D. Crocker Authentication is Useless… … by itself We all say this, but do we appreciate what it really means? We often say: If you have a validated name, you can make simple decisions for folks you know. After all, you already know that Im a great guy… But this means really means youve gone beyond simple authentication… into reputation. This added layer is a barrier to adoption of authentication! Must have a reputation step, before an adopter gets value. Potential adopters of authentication are waiting for compelling and immediate utility that is turnkey. Potential adopters of authentication are waiting for compelling and immediate utility that is turnkey. … by itself We all say this, but do we appreciate what it really means? We often say: If you have a validated name, you can make simple decisions for folks you know. After all, you already know that Im a great guy… But this means really means youve gone beyond simple authentication… into reputation. This added layer is a barrier to adoption of authentication! Must have a reputation step, before an adopter gets value. Potential adopters of authentication are waiting for compelling and immediate utility that is turnkey. Potential adopters of authentication are waiting for compelling and immediate utility that is turnkey.

11 11 © 2008, D. Crocker Can a simple project help? Some utility, based on authentication Without prior sender/receiver arrangement Without prior sender/receiver arrangement Goals Simple, useful Not compete with reputation services… Possibly serve as a template for others Proposal Published Member List (PML) Published Member List (PML) Some utility, based on authentication Without prior sender/receiver arrangement Without prior sender/receiver arrangement Goals Simple, useful Not compete with reputation services… Possibly serve as a template for others Proposal Published Member List (PML) Published Member List (PML)

12 12 © 2008, D. Crocker Published Member List (PML) Pilot project Create an email trust domain among member institutions to permit streamlined email filter handling. Demonstrate utility of validated membership lists Publish a list of a groups members Membership can be a meaningful indication of Goodness Might publish related attributes, like type of institution Assessor might interpret favorably, but not give message a free pass Could be template for other organizations Banks, Airlines, Governments, Political Parties… Pilot project Create an email trust domain among member institutions to permit streamlined email filter handling. Demonstrate utility of validated membership lists Publish a list of a groups members Membership can be a meaningful indication of Goodness Might publish related attributes, like type of institution Assessor might interpret favorably, but not give message a free pass Could be template for other organizations Banks, Airlines, Governments, Political Parties…

13 13 © 2008, D. Crocker Project Details Write charter for project Define expected use by assessment engine Agree on list semantics Evaluate legal implications Document and publish it Write charter for project Define expected use by assessment engine Agree on list semantics Evaluate legal implications Document and publish it Obtain agreements to publish Define DNS/VBR* query format Begin operation Document the project Recruit spamassassin and other users of list * VBR: Vouch by Reference * VBR: Vouch by Reference

14 14 © 2008, D. Crocker Attributes in an Entry Domain name Associated name of institution Member attributes, such as Type of institution …? Domain name Associated name of institution Member attributes, such as Type of institution …?

15 15 © 2008, D. Crocker Audience Survey Interest? Idea of membership lists Participation in pilot project Concerns? Interest? Idea of membership lists Participation in pilot project Concerns?

Download ppt "Proposal for a Pilot Project: Using DKIM to Create a Email Trust Channel Dave Crocker Brandenburg InternetWorking bbiw.net Dave Crocker Brandenburg InternetWorking."

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Use Case Diagrams.

Use Case Diagrams.
RPKI Standards Activity Geoff Huston APNIC February 2010.

RPKI Standards Activity Geoff Huston APNIC February 2010.
Service Oriented Architecture Reference Model

Service Oriented Architecture Reference Model
Lousy Introduction into SWITCHaai

Lousy Introduction into SWITCHaai
PKCS-11 Protocol for Enterprise Key Management

PKCS-11 Protocol for Enterprise Key Management
2000-08-01Delivery Methods forIPP Event Notifications 1 Internet Printing Protocol (IPP) Delivery Methods for IPP Event Notifications.

Delivery Methods forIPP Event Notifications 1 Internet Printing Protocol (IPP) Delivery Methods for IPP Event Notifications.
1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.
Fighting Abuse with Trust: Enhancing the paradigm Dave Crocker Trusted Domain Project (trusteddomain.org) Brandenburg InternetWorking (bbiw.net) FCC ~

Fighting Abuse with Trust: Enhancing the paradigm Dave Crocker Trusted Domain Project (trusteddomain.org) Brandenburg InternetWorking (bbiw.net) FCC ~
1 Contract Inactivation & Replacement Fly-in Action ( Continue to Page Down/Click on each page…) Electronic Document Access (EDA)

1 Contract Inactivation & Replacement Fly-in Action ( Continue to Page Down/Click on each page…) Electronic Document Access (EDA)
Rfc4474bis-01 IETF 89 (London) STIR WG Jon & Cullen.

Rfc4474bis-01 IETF 89 (London) STIR WG Jon & Cullen.
© 2012 Eloqua, Inc. Confidential 1 Deliverability and IP Warming Overview and Implementation Using Eloqua.

© 2012 Eloqua, Inc. Confidential 1 Deliverability and IP Warming Overview and Implementation Using Eloqua.
Reputation Discussion Panels: Seeking a Common Understanding Dave Crocker Brandenburg Internet Working bbiw.net MAAWG / S.F. 2006 Dave Crocker Brandenburg.

Reputation Discussion Panels: Seeking a Common Understanding Dave Crocker Brandenburg Internet Working bbiw.net MAAWG / S.F Dave Crocker Brandenburg.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E IEPG March 2000 APNIC Certificate Authority Status Report.

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E IEPG March 2000 APNIC Certificate Authority Status Report.
SO- You Have a Protocol- What ’ s NEXT? Bob Ensor and Dana York 1.

SO- You Have a Protocol- What ’ s NEXT? Bob Ensor and Dana York 1.
Off-the-Record Communication, or, Why Not To Use PGP

Off-the-Record Communication, or, Why Not To Use PGP
State of DNS Security Extensions Edward Lewis February 26, 2001 APRICOT 2001 Panel.

State of DNS Security Extensions Edward Lewis February 26, 2001 APRICOT 2001 Panel.
SIP issues with S/MIME and CMS Rohan Mahy SIP, SIPPING co-chair.

SIP issues with S/MIME and CMS Rohan Mahy SIP, SIPPING co-chair.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
How Will Authentication Reduce Global Spam? OECD Anti-Spam Task Force Pusan – September, 2004 Dave Crocker Brandenburg InternetWorking OECD Anti-Spam Task.

How Will Authentication Reduce Global Spam? OECD Anti-Spam Task Force Pusan – September, 2004 Dave Crocker Brandenburg InternetWorking OECD Anti-Spam Task.

Similar presentations

Ads by Google