[ih] "secure" email, take 5 or 6 or 7 (was Re: secure email was The Internet Plan; was: Ken Olsen's impact on the Internet)

Dave CROCKER dhc2 at dcrocker.net
Thu Feb 17 06:44:19 PST 2011



On 2/16/2011 4:52 PM, James Galvin wrote:
> I believe that DNSSEC makes this eminently doable.

PEM, MOSS, PGP, S/MIME and probably several more previous efforts make pretty 
clear that the major challenge for email security is administrative, not 
technical.  Whatever is going to succeed, it is going to have to have massively 
better user and operations human factors, especially with respect to administration.

I can imagine DNSSEC being helpful to that, although its painfully slow 
development and uptake do not bode well.  Still, there /is/ uptake and I am 
/finally/ confident that a sufficient DNSSEC infrastructure will eventually 
arrive.  However, I don't have a sense of its on-going OA&M burden.

The alternative is DKIM, which is already tailored to message signing and is far 
easier to deploy and operate.  However, its semantics are intentionally more 
modest than folks have in mind here.  It does not authenticate a message, 
frequent statements to the contrary notwithstanding.  It authenticates the 
presence of an identifier in the message, but that presence does not mean that 
the contents are valid, not even the FROM: field.

Relatively small tweaks to DKIM's use could change this.  It wouldn't be "DKIM" 
but it could re-use almost all of DKIM's details.  (Note that the formal 
semantics of a protocol are not necessarily defined by packet and data details, 
but by the port number the application uses.  Hence SMTP has different semantics 
on port 25 than on port 587, in spite of being the 'same' protocol... The 
equivalent to a new port number for DKIM could be a different header field from 
the DKIM-Signature field used to hold a DKIM signature in a message.)

It happens that I've recently been working on a re-purposing of DKIM to this 
end.  I floated a preliminary effort by the DKIM working group, but the timing 
was not right.  So a couple of us are pursuing it separately.  A draft will be 
available soon.  This thread, as well as some market pull by a private industry 
activity, has escalated the priority of the effort.  Watch this space.

For a couple of years, there has been some background interest in finding ways 
for DNSSEC and DKIM to be complementary.  My current view is that this will work 
best by having DKIM-ish technology provide the message security services and 
having DNSSEC close the security hole of using the DNS for storing keys.  The 
incentive for doing this depends on fear of a compromised DNS.  With respect to 
email security this probably is highest when the use of message security is 
high-value, such as for financially-based transactional mail.

d/
-- 

   Dave Crocker
   Brandenburg InternetWorking
   bbiw.net
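As an added illustration of the semantic point made in this message (the code is mine, not from the post, the DKIM working group, or any DKIM implementation): a miniature DKIM-style signer and verifier. It follows RFC 6376 for the "simple" body canonicalization, the bh= body hash and the order in which the h= header fields and the DKIM-Signature field itself are hashed, but it substitutes an HMAC secret for the RSA key that real DKIM publishes in DNS under the selector, so the a=hmac-sha256 tag, the domains, the selector and the messages are all constructed for the example. The verifier reports only that the d= domain's key signed the listed fields and the body. A separate, hypothetical check (from_is_vouched_for) makes explicit that tying that identifier to the From: field is an additional policy decision which DKIM verification itself does not make, which is exactly why a valid signature from a third-party mailer over a message with someone else's From: is not a forgery as far as DKIM is concerned.

```python
import base64
import hashlib
import hmac
import re

# Constructed stand-in for the signer's key. Real DKIM (RFC 6376) signs with
# RSA-SHA256 and publishes the public key in DNS at <s=>._domainkey.<d=>;
# an HMAC secret stands in here so the example runs offline with stdlib only.
SIGNING_KEY = b"constructed-example-secret"


def canonicalize_body_simple(body):
    """RFC 6376 'simple' body canonicalization: CRLF line endings, trailing
    empty lines removed, body terminated by exactly one CRLF."""
    text = body.replace("\r\n", "\n").replace("\n", "\r\n")
    return (text.rstrip("\r\n") + "\r\n").encode()


def body_hash(body):
    """The bh= tag: base64(SHA-256(canonical body))."""
    digest = hashlib.sha256(canonicalize_body_simple(body)).digest()
    return base64.b64encode(digest).decode()


def parse_tags(value):
    """Split a 'k=v; k=v' tag list into a dict, dropping folding whitespace."""
    tags = {}
    for part in value.split(";"):
        key, sep, val = part.partition("=")
        if sep:
            tags[key.strip()] = re.sub(r"\s+", "", val)
    return tags


def strip_b(value):
    """Return the DKIM-Signature value with the b= tag emptied, as it is hashed."""
    parts = []
    for part in value.split(";"):
        key, sep, _ = part.partition("=")
        parts.append(key + "=" if sep and key.strip() == "b" else part)
    return ";".join(parts)


def signed_data(headers, h_list, sig_value_without_b):
    """Header hash input (simple canonicalization): each h= field present in the
    message as 'Name: value' CRLF, then the DKIM-Signature field itself with an
    empty b= value and no trailing CRLF. Header names are matched exactly here."""
    data = "".join(f"{name}: {headers[name]}\r\n" for name in h_list if name in headers)
    return (data + "DKIM-Signature: " + sig_value_without_b).encode()


def sign(headers, body, domain, selector, h_list):
    """Produce a DKIM-Signature value over the given header fields and body."""
    unsigned = (f"v=1; a=hmac-sha256; c=simple/simple; d={domain}; s={selector}; "
                f"h={':'.join(h_list)}; bh={body_hash(body)}; b=")
    mac = hmac.new(SIGNING_KEY, signed_data(headers, h_list, unsigned), hashlib.sha256).digest()
    return unsigned + base64.b64encode(mac).decode()


def verify(headers, body):
    """Return (ok, d). ok=True means only: the holder of d='s key signed the
    listed header fields and this body. It says nothing about who is in From:."""
    value = headers.get("DKIM-Signature")
    if not value:
        return (False, None)
    tags = parse_tags(value)
    if "h" not in tags or "b" not in tags or tags.get("bh") != body_hash(body):
        return (False, tags.get("d"))
    data = signed_data(headers, tags["h"].split(":"), strip_b(value))
    expected = hmac.new(SIGNING_KEY, data, hashlib.sha256).digest()
    ok = hmac.compare_digest(expected, base64.b64decode(tags["b"]))
    return (ok, tags.get("d"))


def from_domain(headers):
    match = re.search(r"@([^>\s]+)", headers.get("From", ""))
    return match.group(1).lower() if match else None


def from_is_vouched_for(headers, body):
    """Hypothetical policy check DKIM itself does not impose: accept the From:
    domain only if it is the same domain whose key produced the signature."""
    ok, d = verify(headers, body)
    return bool(ok and d and from_domain(headers) == d.lower())


# Constructed sample messages (not real mail).
BODY = "Your statement is attached.\nPlease review.\n\n"
SIGNED_FIELDS = ["From", "To", "Subject"]

# Message 1: the From: domain is also the signing domain.
MSG_ALIGNED = {"From": "Alice <alice@example.org>", "To": "bob@example.net", "Subject": "Statement"}
MSG_ALIGNED["DKIM-Signature"] = sign(MSG_ALIGNED, BODY, "example.org", "sel1", SIGNED_FIELDS)

# Message 2: a third-party mailer signs a message whose From: names another
# domain. The signature verifies; DKIM only attests that mailer.example signed.
MSG_THIRD_PARTY = {"From": "Alice <alice@example.org>", "To": "bob@example.net", "Subject": "Statement"}
MSG_THIRD_PARTY["DKIM-Signature"] = sign(MSG_THIRD_PARTY, BODY, "mailer.example", "sel1", SIGNED_FIELDS)

if __name__ == "__main__":
    for label, msg in (("aligned", MSG_ALIGNED), ("third-party", MSG_THIRD_PARTY)):
        print(label, "verify:", verify(msg, BODY), "From vouched for:", from_is_vouched_for(msg, BODY))
    print("tampered body verify:", verify(MSG_ALIGNED, BODY + "extra line\n"))
```

Running it shows both messages verifying, with only the first passing the From: check, and the tampered copy failing on the body hash. The second message is the case the post describes: the signature is genuine, the identifier mailer.example is authentically present, and nothing about the From: field has been validated; any such binding has to be layered on by whichever protocol or policy consumes the signature.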



More information about the Internet-history mailing list