User:David MacQuigg/Sandbox/Email authentication

From Citizendium
< User:David MacQuigg‎ | Sandbox
Revision as of 16:46, 16 October 2009 by imported>David MacQuigg
Jump to navigation Jump to search

This article is a subtopic in a group of articles under Email system. We assume the reader understands the parent article, its terminology, and the roles of different agents in the system.

Secure communications may require any or all of:

1) authentication of the source (individual or organization identity)
2) verification of content (digital signature)
3) confidentiality of content (encryption)
4) originality (no duplicates)
5) timely delivery (no unexpected delays)
6) hidden communication (keep an enemy unaware)

Solving the problems of bulk email abuse (spamming, phishing and other bulk mail scams) requires that we address issues 1 and 4. The others are irrelevant.

Email authentication methods fall into two categories. Methods like SPF, SenderID, and CSV rely on the fact that certain IP addresses are firmly under the control of a sender (an individual or organization identified by its domain name). Methods like DKIM rely on a digital signature verifying the entire message and some of its headers. Both depend on the security of DNS. The assumptions are that only the domain owner has access to the DNS records under his name, and that a DNS query will return those records unaltered.

|--- Sender's Network ---|           |--------- Recipient's Network --------|
                                /
Author ==> MSA/Transmitter --> / --> Receiver/Forwarder ~~> MDA ==> Recipient
                              /
                           Border                     

With IP-based methods, the sender publishes in DNS the IP addresses authorized to use his domain name. With signature-based methods, the sender publishes a public key. IP methods can be very efficient, rejecting an entire session without transferring any messages. Signature methods can work "end-to-end" without any reliance on IP addresses. This avoids the forwarding problem suffered by some IP-based methods, in which the source IP address on the "last hop" is no longer related to the sender's domain name.


Email authentication methods focus primarily on authentication, but also meet other requirements on this list. A digital signature like that in the DKIM method, can be generated only by someone having the private part of the key, so the signer is automatically authenticated. DKIM satisfies requirements 1 and 2, but nothing else.