Re: ] Replay attacks and ISP business models

[Tony Finch <dot@xxxxxxxx>]

On Mon, 1 Aug 2005, Jim Fenton wrote:
>
> - There was a suggestion of a "revocation ID" that could optionally be part of
> the signature.  If present, the verifier would need to query the originating
> domain (DNS again, probably...) to see if there is a record indicating that
> the given revocation ID has indeed been revoked (absence of a record
> indicating no revocation).  ISPs would potentially apply a different
> revocation ID per customer.  This warrants further study; if DNS is used for
> this, we need to think about both the transaction load and the amount of
> negative caching that would need to be done.

The scaling issues here are similar to per-user keys, so I won't repeat
myself.

One thing that hasn't been mentioned yet is the idea of "soft" defences
against replay attacks. For example, a suitable reputation or revocation
service could include a rate-limiting system, so that as well as pass and
fail they could return an intermediate result that would translate into an
SMTP 450 response. This could be used to slow down a bulk mailing until it
becomes clear whether it's good or bad.

Tony.
-- 
f.a.n.finch  <dot@xxxxxxxx>  http://dotat.at/
BISCAY: WEST 5 OR 6 BECOMING VARIABLE 3 OR 4. SHOWERS AT FIRST. MODERATE OR
GOOD.