1 / 7

Message Authentication Signature Standards (MASS) BOF

The Message Authentication Signature Standards (MASS) address the need to prevent spammers and phishers from sending misidentified emails. While MARID focuses on IP-based authorization, MASS emphasizes cryptographic signatures for message authentication. This involves storing authorization records in DNS, producing a clear definition of the purportedly responsible address (PRA), and marking messages to indicate verification status. Notable proposals include DomainKeys and Entity-to-Entity S/MIME, alongside discussions on key management and signature encapsulation. The potential for commonalities between MASS and MARID may shape future email security frameworks.

berke
Télécharger la présentation

Message Authentication Signature Standards (MASS) BOF

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Message Authentication Signature Standards (MASS) BOF Jim Fenton <fenton@cisco.com> Nathaniel Borenstein <nborenst@us.ibm.com>

  2. MASS BOF - Motivation • Deny spammers/phishers/etc. the ability to send mis-identified mail • Authorization based on IP address is being addressed by MARID • Other approaches based on signatures in messages are out-of-scope for MARID

  3. MASS relationship to MARID • MARID: • Authorization based on IP address • Authorization records stored in DNS • Cryptographic approaches out-of-scope • MASS: • Message authentication based on cryptographic signature • Authorization of key (and often key itself) • May be stored in DNS • May be a separate server

  4. Potential commonalities between MASS and MARID • Definition of Purportedly Responsible Address (PRA) • Message marking to indicate successful/unsuccessful verification • Eventual use of accreditation infrastructure • Although what’s being accredited may differ

  5. Representative proposals • DomainKeys • draft-delany-domainkeys-core-00 • Identified Internet Mail • draft-fenton-identified-mail-00 • E-mail Postmarks • http://www.lessspam.org/EmailPostmarks.pdf • Entity-to-entity S/MIME • draft-hallambaker-entity-00 • MTA Signatures • http://www.elan.net/~william/asrg/mta_signatures.html • Bounce Address Tag Validation • http://brandenburg.com/specifications/draft-crocker-marid-batv-00-06dc.html

  6. Some potential issues • Signature encapsulation • Signatures in headers • S/MIME • Key management • Canonicalization • What’s required to avoid signature breakage? • Treatment of headers • Behavior through mailing lists

  7. Where and when? • Thursday, August 5 • 9-11:30 am (some agendas say 9:30) • Marina 2 • Mailing list: <ietf-mailsig@imc.org> • Archive at http://www.imc.org/ietf-mailsig/

More Related