20050039019 (20050039017) ,--- | 1. A method for message authentication, comprising: generating a key | pair associated with a domain, wherein a public component of the key | pair is accessible to a domain name system (DNS) server that is | associated with the domain; if a message originates from a "sender's | address" associated with the domain, employing a private component of | the key pair to digitally sign the message and forwarding the | digitally signed message towards a recipient of the message; and if | the public component stored with the DNS server verifies that the | digitally signed message originated from the domain associated with | the "sender's address," employing at least one policy to handle the | verified digitally signed message for the recipient. '---
The primary claim in the patent application depends upon direct association with the "sender's address", rather than the indirect method recommended in: http://www.ietf.org/internet-drafts/draft-otis-mass-reputation-03.txt The opaque-identifier + "sender's address" is retained by the recipient where there may not be a direct relationship between the signing-domain and the sender's address. This indirect relationship would discourage email-address based reputations. Email-address reputation may act to coerce policies that prohibit third-party services as this would be the _only_ available protection for the email-address. The opaque- identifier however provides much better anti-spoofing security in the general case and does not expose the email-address to reputation accrual. A direct relationship forced by way of policy enables reputation schemes based upon the email-address. Such an email-address reputation scheme would have the effect of forcing an email-address to only be used with a particular provider, and prohibit use of third-party email services such as mailing-lists, e-invites, greeting-cards, kiosk-style communications, several mobile applications, etc. Such constraints upon the From header will also mean the From header may no longer relate to who authored the message, but rather may indicate the domain associated with the email message transport system. Introducing uncertainty in this header does not reduce the amount of spoofing of the author, but rather changes the nature of the spoofing and actually increases the likelihood of a spoofing success. Even a direct relationship is easily spoofed due to the prevalence of "pretty- name" MUA displays. The opaque-identifier + signing-domain retained by the recipient can significantly reduce a miscreant's ability to spoof, even within the same domain! It also enables strategies that can defend against "pretty-name" ploys and look-alike domains perhaps done using changed characters-sets. This would also be more effective against the typical phishing attack without the need for any policies asserted by the email- address or the signing-domain. The opaque-identifier can also completely defeat any message replay abuse, provided the sender is responsive. Publishing of revoked opaque- identifiers could also be offered as a service by delegating the revocation zone. -Doug _______________________________________________ ietf-dkim mailing list http://dkim.org
