[ppml] Policy Proposal 2007-1 - Last Call

Leo Bicknell bicknell at ufp.org
Thu Apr 26 20:23:33 EDT 2007


I spoke with ARIN staff after the policy passed, and would like to offer
the following "high level" path forward.

1) Mail-From is trivially spoofed by anyone with 30 seconds to spare.

2) PGP should be implemented as written, with care taken that the chain
   of trust length (5 in this case) is a constant defined in a single,
   easy to modify location.  This is a huge improvement from Mail-From,
   as spoofing this will now likely take hours or days of work.

At this point ARIN staff will have implemented the policy.

3) ARIN staff should then create a mechanism (yet to be defined) for a
   resource holder to 'register' their key with ARIN.  At this point, 
   if ARIN receives a mail and the key is registered the chain length
   must be 1.  Longer chains would not be accepted for registered keys.
   This key holders can "opt in" to a higher security model that is
   virtually impossible to spoof.

4) At some point in the future, assuming a high percentage of keys are
   registered ARIN would consider reducing the chain length from 5 to a
   lower number, possibly eventually 1.

Please note that staff has not agreed to implement this way, it was
only a hallway discussion.  However, this gives us something that
can be implemented quickly, and is better than mail from.  We need
not wait for #3 to start to get something better.  Resource holders
will be able to opt for higher security, and do so individually so
we don't need a flag day.

I also want to remind people that this proposal ONLY does what is
done with mail from today.  If the key matches with a chain of 5
ARIN will only interpret that to mean the same things that "MAIL
FROM: <name>" means today.  Even if I can steal Randy Bush's key
and generate a properly signed message, or create a trust chain
that makes a fake Randy Bush look like the real thing, I won't be
able to send in an e-mail saying "give all of my (Randy's) resources
to Microsoft" and have anything happen, because the process doesn't
work like that with Mail From.

-- 
       Leo Bicknell - bicknell at ufp.org - CCIE 3440
        PGP keys at http://www.ufp.org/~bicknell/
Read TMBG List - tmbg-list-request at tmbg.org, www.tmbg.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20070426/12d46c26/attachment-0001.sig>


More information about the ARIN-PPML mailing list