At 6:32 AM 6/29/94, Charlie Watt wrote:
> 2) subversion of the infrastructure, i.e. how can we prevent
> attackers from telnet'ing into port 25 and exercising the debug
> features of SMTP, and how can we prevent messages with
> handcrafted headers from making sendmail do bad things.
> This is definitely a firewall problem.
1. Please describe the 'debug features of SMTP'. I don't believe I heard
of them before.
2. Worrying about an implementation for email transport, such as sendmail,
doesn't seem like an appropriate topic for an IETF-related discussion list,
unless the purview of such discussions has changed recently.
>In the SMTP world we are developing solutions to the first problem. This
>message is signed using the IETF's PEM protocol and my private key. If
>you have access to my public key and the certificates required to verify
>it, you can verify my signature. There are other SMTP solutions to this
>problem, including the popular PGP. There are no SMTP solutions to the
>second class of problems.
PEM and PGP pertain to mail objects, not mail transfer protocols. There is
nothing about them that has anything at all to do with SMTP and, in fact,
the object can be and is carried using other transport protocols, such as
UUCP. This no doubt seems like nit-picking but use of SMTP as the generic
reference frequently ends up causing others to misunderstand features and
limitations of the Internet mail environment, in particular the fact that
Internet mail objects extend far beyond the IP/TCP/SMTP Internet via
mail-level store-and-forward relaying.
>While there are many things wrong with X.400 (note from this message that
>I prefer SMTP), what it does specify fairly well is security. In
Please describe the range and experience with implementations, deployment
and use of this advanced technology, as opposed to the paper specification
of it. This distinction has been the key behind my previous notes. As we
all know, it is easy to write almost anything, but another thing entirely
to field the spec.
>fact, X.400 provides better solutions to both types of security problems than
As an academic point, I'd be curious as to the technical points of
superiority that you perceive, unless the points later in your message were
that discussion.
> Both of these protocols are
>superior to PEM, PGP and the other SMTP offerings because they provide
>non-repudiation services,
It specifies it. But there's no experience with it. The same applies to
emerging Internet mail service. It remains to be seen which is really
deployed and used first. Non-repudiation seems to be the really tough
function to provide, I believe because of its operational overhead.
>The key to the X.400 problem is not that the specifications lack the
>necessary security services required by a firewall, but rather, very few
>of the vendors have fully implemented them. However, many vendors are
>now scrambling to do so, for the DMS procurement requires all of these
>features, and requires that they be available in COTS products. The
>government has failed before when arbitrarily mandating OSI standards. This
>time they may have it right -- never underestimate the influence of a large
>captive market.
This part of your note is, of course, the nitty-gritty. And I appreciate
your including the historical reference to OSI.
Dave
+1 408 246 8253 (fax: +1 408 249 6205)
Follow-Ups:
|
|
