|
|
|
The Beginning of the Crypto Era
By: Larry Seltzer
2004-11-15
Article Rating: / 0
There are 0 user comments on this Network Security & Hardware story.
The Beginning of the Crypto Era (
Page 1 of 2 ) Opinion: The e-mail authentication picture is getting murkier, but that's good. More credible systems are going online, and that means a real solution is closer.In a move that was totally expected, if a little early, Yahoo has announced that it will put its money where its mouth is and start checking Yahoo Mail with its DomainKeys system.
 Click here to read more about Yahoos DomainKeys announcement.
The company had told me that it would do so by the end of the year, but I suppose it had had this last week, during the FTC e-mail authentication summit, as an internal deadline. Earthlink also announced that it will test DomainKeys on its system.
DomainKeys is important. It is the main implementation of the second of the two most credible approaches to SMTP authentication, specifically the use of cryptographic signatures to authenticate messages against the domains from which they were sent. The other approach—to check against the IP addresses of the servers in those domains—also moved forward recently with the second version of the Sender ID spec.
Dont assume that the DomainKeys implementation is the final form. There is an IETF group called ietf-mailsig working in preliminary stages to standardize the crypto approach to SMTP authentication and they might want to make some changes to the approach used by Yahoo. And I expect Yahoo to be open to such suggestions.
In fact, Yahoos openness to reasonable suggestions and unobjectionable licenses is a big reason to be optimistic about widespread adoption of it. Indeed, while Yahoo has intellectual property claims on its developments in DomainKeys, the company isnt being a jerk about it, like some other coMpanieS in this business that shall remain naMeleSs.
There are some interesting questions about DomainKeys and Yahoos handling of it. The first has to do with performance. My own first impression of cryptography as a solution was that the added performance burden on MTAs (message transfer agents, better known as mail servers) would be great and that many companies would have to upgrade their hardware to run a DomainKeys-enabled server with decent performance. In a recent eSeminar in which I participated, Richi Jennings of Ferris Research echoed this view.
But while its still too early to tell, theres reason to believe the performance issue is not as serious as first impressions would indicate. Ive spoken to Sendmail, the leading MTA company in the world, about it. Nobody, except Yahoo, has more hands-on experience actually testing and coding DomainKeys than Sendmail. Sendmail thinks the added performance burden, entirely CPU-based, is on the order of 15 percent to 20 percent. This isnt nothing, but MTAs arent typically CPU-constrained—they are network- and perhaps disk-constrained—so there could easily be spare CPU capacity in the typical MTA (unless its running Exchange Server or Notes, in which case its CPU-starved).
Next Page: Why no SPF implementation?
|
|
�������x}r㶲s\@♵M푦dK�kŲ,xMT(��SBR�e��oВ/㩱%h�ݍF�$\i9cqM5�>59|@D�� ƓY1=/[S}L}�F��\�3�Ѣ�eb�^P�$ȁ_M¦�%yH#�ERΎȏ�m@|c�oQu�ɷ~{
�w*�Nuol9�Q��)*Jd/B(?F#�cr�տ{a�_��;�U'i3[_��@SU�ؓ�[v�B�䅠1FE��;wK�I%�_g�'u�٪r'Ӥbf��]Lx#@oڮ�S.HVfFԲ;g�uGgbGMҳ�G(&�$g��v?ĭQ If��[a�WK ��0�~b[>4Ib�p\.: 뺷}=-:ԍ۱�=$�f]Ԓ],r"U)m �
��Ї@2zz`N�xtTa_dY7;�Ͱ-6@6cM-���*R<~j]\��r m�� NַRߘ�0QT�&*rp�@|ˤd�&r*� ߱n^S'G�7ǯzxxf-Mn
#d��Li�.]-w
�a4Z�@Lt�&�h�)5?�&`Ma�b&DJH7�є6)`Iz/��(AK/�-
�5TwIQ��Q#w�=^f�A.r)#�� 6=aLTt/\�~��_5L.�awʪ9QY�++\M흛G��\z�gFuIzW^�?uZ^C�8J�j�p�X.B2iKB0.pԷ7�J06�V)q�**rkX�Qnl�:2X�
jX1nґ>�σ�5tSOg|JMk>
uI<
E�C#ɠ�:ڴ{\V���4!>F�&
Ѐa㻣^h>[ <{� C
0ԟr!F#m�| &>v\�l�8d
$(s�w[L,)σ�5[ӽ�:��?`= 0.Zm���$8ʼ��E��1O�[>ȁ=�`MjweC���97(�3�JdN˵�K��] #RRP$S_�]HPw9�J�
B�!\��0H��V0(� a�b
.<��Ҷ�B�I��Cvn<�){T�Kh!+�K@fsfh(4{~4�cbB�|#'b�Xr`Y
�\h+|�i)lc
lԨ[6؛Ţri*|:IoBk4��0���Һ:-$
X� HS��%\Ew,t
3�AP��oBC�ys;J�`y00ӊYsξ��
s��>�` �n6�9�X0N,cB"+H5L��LhH�,ioc�Y}6-j��r�Ǹ%6q�9an5�Ɖ<\yv�=g�.Q>j�uϙܑm˹�ȇRoBoڅRT眺_dA�_fMj�lȌu>IVB17O wf@ntɕu.F�(�hJ�S51�8�FL�yG)'��wJFJ�V��zh'ѫ>Ug�HlZbY6~��%fcP*�oWu�R@_�&���&ۊxceƠ�umLGi+-m"��
IPצ�(X�ke�zdxE��6*�&CI�n2���pZ#}nP�K*+'G,mk9Z��a�5sV@6�@��@�7h��M �TlVCax5�Zz�Sf~o��:��0TN�ϣ(a!�c�4)�>Aװ�Dؙ�ZU�{gm1Jqm?XĞ-f�8[%�,Y^�/V�꺰+]65�e"@0m�"}QiNR}�
Ȳ^oًMIAʫ%U�&-JrI)jLEcl
�ԑq,�Yr�i�L*wڶ{M�>QȺ a(Jc6CZ"�˙�@�#�@&"YC�'Ѡ�c�D8r_(+
cW�?_v�szm6UF�=3�$�h@c4e2f�-4_\0-cJ�D%xXPr'SY7i`�19R2f`KP�s�
h_7`wk�*�� :@�!G:0[�,()y6�^�w/eOS)&V$tu| `_�nM=�=�W�HT0��
� d4}�5��*jAe߯yY/^�>�(&�Lt0Ȑ�%=�Wl5Thn⻏3܁c:P>H(T�g7gMEH]ac6U�{z@n�)ZMMӫU;4z�JE,}&-nov=Od<9y�n2%8z.0JL;%9
$ہ�3Bndۤs:n&2106E�-0P>O\մR�ߗ,09�W�|6�u8YWۄ?`̧s�`pl�� LB l|&7e*r1�_�?J=�[L4F�@V1M0g�7�=�;%�[�(4OQ�5r�l2~6PC,l�γ>A��qHlwBO�~'a9L8�n�7=R.��R\��HǞ1}]�ܙe>t1N��8MU�ה�*eάɢ7(Ъ6��#�i@/%ex.N1 Qc>�?/$*RQv+T5LdR,WEzz�`-XPj�B�L*>"M�C/
PNZC^�$G|)�AU��%UHU(V
�$�y�U��rm�4r�Ok,���ش�/6"h ޜ-�c�z�[
ez|X-�,sK"hʊg�_|�r[rn)ty��Ć5Qh>c[��,�r/鉚ĺ��Raf~`MٸUzJ0iUI+T�Z}��̡�2f{c�і�$¾��̓G\\7hg�D0|7=���#Sj$7�rQӊ5�JR�'0��X 8Z�b�Q�"Y�r�v�jT
�+d��K=� �j ;!(|{W
!&1ǷWXO\�dK!O�%EDOC�V�gX&��
e�f4A48&�o;W���ZU{��"}QL�ޟUv٩�G�#��{?J䏽n�)hl{ٗ�#h��F���"$�
tnG4?/ŗtO�k~�\/[R1~Jy0�NԸhm48n��Z&IEyD��cf42l&zE
��Wq^7[לY0pz)vB3ZMUc z
A078]?T�+[�̚_�f·?ĄBAJNy�(��@�RPOh5[#Est$;3^t�}Ih��!��:Ua2"(BShDO�§,:^78S�%j67 EGW%'K+�u{-�-'��:}mF�џW`
e܃�*Vrh'5۟H‐�����4|yQ$�!rF�e�n1�~x-H7Ժ�N9"�4�qJh"g�:�Q�;�)~ڲOqF[��ڭܓ9�NA}i^w�7U�Z�yZ
J}~l/t:�D(jy[a{wCW_U�$]d%��F�tZx@2�&nulǵ�4�Z
�AYC؞qbL�px�2�HB%�wVp�N
Ϧv_ O��%�FJ-cmێ��!%/�h�vpU4"�Zy"N0
��o�[1 �I�m1ZQ|9�N83{K�4�j�ZSW�לL_l�ZS| � \(�.FӞ
�Ma_˽�z2.mE>zQ%Fm?^��ϗIO�4ۺg�YÃrR��X'�Q�҂�[3~TA��EXwD�"5Po3t�D69 �;~:?I^`6ϪŜmĵ�zD��
7-HcJnC>@ ?|pngquՔt|tt�oԺSqh�N���amD8ws5?�4y��Bb�F�jtx/`ƖY-y1pSxIޛ0$Kw2�g@�U��#YÂ1s��@8Mb�r-)�=� :˕2{﮶�YMh4̵�T��X gi߆�. �OGb&>QPT�(rާ�[3"v��*F�/U㶒),V-bL%<-r2>Otʫ�bɘ�hd�.C C(˺M``��g8NQX(,4ID+J4Z)1Z/?/:\gTfy�@E Ϭ�j3b���(!3(�so��BI쫤�x�氭z@]��DC<+IfʾuWbĉqᤲ�C1Z|%�K�+t%+-,DQ�XhJX.r��nƥl5���%6y,c���"ɽ3�ry��=*�QP�R���b��0�$�M�4!h%M�ͼ"x-ny�*EDRԟXq'>,JJIJaŕMLSwnRӕ0CZ#�'��EUK_> �ЭJLU%-�_y�F��H�tlPB<_Ot�7�
Ȕz��m55�@ŤE�*Pσ%�,!�\ϢOHg;1cYR4I-nˌWQq
80c/�O2Q,ټOXկsF܀elƯE�T~qVGe#�s�I��J{��퓖@-I��&d@]
e�Cw˻*�0m\yp@�
RgnL܍
eR*kB�>:A�$�#mu�Xoi}WwL&~a];d
Gq �#�~sC~sC~sC~sC~y7d�+wC彑%O\6ך�W3�t>f
W�VE}4KUZh�7pDX�V)H�Ma�ܦj_f6��)�(-X{m.Q4P+��-3ORL'yY Ug24�GxS$j��e&mmAɯ_4-|�§
o�eq�+1#/{H,~*1�KgzH8w1BuNX�ol=}$���Znˊ�ct� �S_ R� /�kK&.nStKm~��R2�Yqby��Ax$n0F}�7>Th�}k#pH�i!n�,u<#M
9pcY5��eW.F=RI�
%�-zDĝ�c�IbHC"�f�/o_�!!v"@}䒗wy7L��B�>.�60��w�+j|%c�n�X�:-�ż"|nH]
J*
tz4 K0�>OD�P"���
�8"�-�l-&��At� Pыtf6:|¤�qAսMM.ݼ�=ދ�,RzJx_Iܱۓ`{\�N~#4e\4u`tSt�B1�_�3ƕ{[tp=w��f���0MĶ^M�/D;9b
y�ASk�
Y36.{{�m+h
P|F0��-_���&(yU-|�� {E\[ˮ=:a%}۬RKeײ;1}̣ilVCW�؆_�?���FRce։
٤V$��B1"*Nh֖,,P2aRD�+5{4/қrpBL�Kפ�K|: Ϡ 8weQx|j~*~i//m~�\d[���_毀Uְ@{>5�I�q�(�!Z�z8R[�xv1LRC14��Ousن�wTχxӦq{Q�9#D<6O�dއn&�~iX�x
�>H�':t=jh�DԤJd�m@YP)ϱVPJj\=w(9�:�ө;Νx�iҩ
�HZ۠[*н"%Ֆ�>#Թ<�^tyZ~\`{��i
ͬ-j%!V㬤]�%�F
Rt�3�]s�K?c�(��A�"(�F4�?R)!o%&*=+s|�c6ފjM\qMu��,?t1ц0�#ZNHh�
J\��Zz�_!Ƅi�c
� Ą[)bUfwܠ~z�*ڟO�Vi^fs�B
�=Nl~##dM,ë�|U:�ag|%w�TܶiyV't�Mx6���)<]С����r@JoIg4�|x�}A6�ژy�k�iF$�Y3&^1ĨǯU\Ix##�Nk3`u sF@Yj$G���jD�l�T /�u\oݴZ?#?4�uӻh�zx�dnnZs�2�+Y`#o;z�M}2o
Bù~�� C�OwE)�d���-=�Luh�c>zS/~�r6�5 s); 5j/{ʡBR/3O0�ឩ@SYTdL4B&(qTik$<49|_zLYL�% �
�5"'��s��IA!5�Q�"`"1r�{fĄ1�$6_�
-? +&(?,q�E�
�{GLƙ;fQ�sҾ@b�HM*� l�vqU�@��y+��LL�͂zĂ![C P/1M͍$�u�~�6�5`�6s}�`EP00��a|Lo?ѧv?]f5:�bJ�é�`�\�u
l9�:U�@�g�>�0u�s�9,2us�x\jH�@�$Ѕ:�y,@#!��9ω����'c
36ú~6�_f0���@�h),f,�TՊR
&uU��!2,��=VR⬹<�>+AguU�Mq VH+�^@0��3�:�}G1�u0 }a3brOtv,�{M�"'Uݽ$'
�_¶-�r5�utOWڗe?WK1(kym2/*�˙͓Q�9ltZ9~+�T3\h���"�^ûHKvE Gcqy�^Sw
|x�#�lGyї�5�1zթ0MW?1z
�uӲ���?{Չt.f53;��mzF�x9j�SZ9&}*4=67a\nq���4ħEO\=4yD}n�"g(9�(%�ʯ76S��](f#77�VF)n.?�e�CF?|۹y{sy�пvF?Ӿ(3s/WQ�?o.���aw2Ƨ�w2�N�|o'�O'>���N�^f ?eCyF?���(d^f%e\]f_��O7CtAt3�U�\A?��{��^�}~��\�c�}OYߧ�>�>e�oʁo2�ڿh�&s$eCPȐ�.N�pN2KI�ʠ/W@a uyQ~��@y�J2,c2\.�e{�9;[?[NBX\jzr+z=k /de�7�q ��
��x��[ԙq�ޢD�)+F�yk@�Ë��{�zY)W8#Au̞�^
ebpb�V`l}�Tq4
j5%pN!3J81�|�fZ���gaFq`�F]S[tĈBN�W�nTќ�{c���ö0FrP*�5VZ*{5��f�""C�QL`FTMV�YI2ZY9,�+��P�K=#
��.=m^t fM-ϡ'�!�pC>fJ5�G P��c�ztlюY�UY�YmRfp�0l{|y�؛�ގe�@���7��J�,��{�3ŨЫD@3ĝ�_�p1iR�
��d�D2yhp䣿�t8^4ǝaƹrV�0@���z4}�z<8�JN)YF
� -n�ztY2�&23M{:�o\x| "e*e莃i�D��:՞/6[n%c�$QUE�H|Gj�[���;$}7�F(r�{}!"0�;��VWӄ.��x%���Ɓs���Dbo� zK0vF�H770���4F�w960��|98�ye~"��>���q�`|5h_Ժ�chd9Mk��_$'1x_'05:�%�xl�Ӎ�Qf�\�rw^f$j�AYFnu�㩟1b�paY�*}�q�K�Anӵc�X00w]Ww�-�c~K5 D 9bw[
oZ1LEZRx��oăBL�r(�pIi���)nLˌ˟$4����n_��˙?,����l�> a0'Vbg�HIأ_BDOv�֤-�>#%0uo��cO�il@�O� 0Wd]f��A_f|bOh�>^�sx9q�C�hn6Yx��DN焽�2�4�uWeԦEm_t'^w1+J�}g'�k�3Qp�s4��J(5m �t^wkdU9Hr&z�u h$.7=k"6��:
gKJ'Ҥwvgcw[/AI)�H[aʹD.v
=c"1b9?���v"ㅰx/!�Z^y�|Xeֳ|)6Yұ�ߚR
TDO�2vy9=�|Eɳd/+2b%��#�HY��4w.M%Cb9G8]!
""_S a�niyg�
�Eϩn���C��>X�Y��c:9ebV)qd�z�ӧ�-["@#
e`0vG\~M}�wخ;O�q^'��d��9e7
洩9�.��I|�nHHU֧f2{M{:��з��57d�([|�ӽ�ނ4�ܨN�A2+1�
<&��jEߟ�2"�L�-� �Ԧ?MkSw(\*],1Ał?�qLwf��ta2�Q��*Ԯm#6s�Q/>¼uGׂ=�Ofu�ݍfmx�:2 ��FW���/ʕbA,\�n2?>Ş�i#{��@ =(ۉnfTtc��+@4�4zW�
�qS`�huq#��1u��B\
(c��to L?c.vz]�nJQXƦa#�®u4mo��/*��6
�9/ߵ�3qݼ]E>*�Ѝ
�ϰ1igNb��c/�φŀ��{̾�6��^f+3s�ƫ�Rd�GB~Dda��gZ/u~ҕ�^�)If`cQd+8*)�ؐ��r���k`4bOP���1,�Qv7}Ma�N*)As�a#�El���;ApN7�Wm���S<"Y4.lL�x��%L+DvdzU]�Z-12Mo,gkV�"�K.�a:(z��0��
��s!�׆!�a+cPOYjcL1G�fY{��
�W{څG��Sy6:|���,�ݐbV�S"NdrI-�9=O9N*@X6�c?t�f���@˽ŵ]�^g*a?<#�/a(�`y��ja&"e��})IDy�{SL_?�X|:T+ ��ƕy�@Xqө8Y5/Z+�c~��<^F}TO3uG?��?;��5z_Zˌ�hT*.㉋oZ�5ŧu��nғ��/RhIwV��Hj4��Pw r9̳���G`b�hPfYSVI�Gv�36HZ�\֓CX-lu;
og"f/�On6%s|N�KIk^})M�S9Q��2kF�skq�>tgLp�-�ͱeRZ`l/Z?#1̅)��
|
Network Security & Hardware 
