Hello Viktor,

Viktor Dukhovni via Postfix-users <postfix-users@postfix.org> writes:

> On Mon, Oct 14, 2024 at 01:03:48PM +0900, Nico Schottelius via Postfix-users
> wrote:
>
>> We at ungleich [0] plan to switch towards IPv6 only mail services
>
> A substantial fraction of email domains are IPv4-only? Why is IPv6-only
> a good idea at this time?

The reasoning is very easy: if the organisation is incapable or unwilling
to set up IPv6, there is little chance it is actually going to pull through
with a new technology anyway. New being 25+ years old now.

There is obviously a non-hidden agenda of improving IPv6 deployment with
this approach as well, but generally speaking, if you can't do IPv6, why
would you be capable of implementing the web of trust?

>> - All participating mail servers are IPv6 only [1]
>> - Every participating entity has an OpenPGP keypair [2]
>
> Unlikely to scale.

Can you elaborate on this? I don't see why it should not scale, as the
effort *per participant* is actually rather low and linear. If you take
BGP peerings as a reference, the actual number of direct peers per entity
is actually rather low. I would imagine the web of trust for mail to be
similarly small.

Can you elaborate which part you imagine not to scale?

>> - Every mail server of an entity only accepts email, if the sending
>> mail server's public key is signed by a trusted key
>
> Any system that is open and scales will have bad actors. If the system
> never becomes popular, it is irrelevant. If it becomes popular, the bad
> actors will be early adopters.

Counter argument for that is:

- Bad actors are less likely on IPv6 - so less likely to be the early
  adopters
- Assuming bad actors *do* have motivation and access to IPv6 networks,
  even then it requires them to be part of a nearby trusted entity,
  otherwise they cannot join the network. This would in turn mean that
  you trust someone who is likely to trust a bad actor and with that you
  decide to allow incoming email from a bad actor. This essentially only
  affects yourself and other parties who trust you.

Once this behaviour is exposed, you would be removed [A0] from the web of
trust.

>> - Additionally there might be a negative / exception in this stating:
>> A) if the key is X, refuse mail
>> - Note that this cannot apply to signatures, because anyone can sign a
>> key and if we were to refuse a key based on its signatures, a
>> blacklisted key could render valid keys invalid
>
> You're proposing something similar to <https://www.ietf.org/rfc/rfc3514.txt>.

Nice one, but not really. I know it's an April Fools' joke, but the main
difference is that the receiver decides on the security, not the sender.

>> The underlying assumption is as follows:
>>
>> - This network of trusted entities starts very small
>> (in our case we sign a couple of friendly other ISPs in Switzerland, where
>> we are located)
>
> If this is a small club, there are surely simpler designs. You could
> model yourself on EMIG (Email Made in Germany).

Never heard about that, and it certainly seems *not* what I am looking for,
as the main page of that website is basically 6 big company logos.

>> - Those ISPs do the same, so the network grows
>> - Eventually multiple networks join, when the first participant of
>> network A starts to sign a key of network B
>> - A decentralised approach as this one will help to build a more stable
>> Internet
>
> The web of trust does not scale.

I still don't follow your argument here, as the effort *per participant*
is low.

>> - I'd like to hear what you think about the approach
>> - I was wondering what would be the best approach to incorporate this logic
>> into postfix
>
> To authenticate receiving systems, consider DANE. To authenticate
> sending systems, don't bother, there's no way to build an open network
> that somehow has only the good guys participating.

I don't consider this to be a fully static network, but a laggish dynamic
network that on misbehaviour revokes signatures and thus self-heals.

I believe generally speaking the motivation for actors within a bubble
("the ones I know directly") is to behave well, because otherwise they
will be excluded.

As written initially, the depth of trust is a local setting and thus can
be tuned to the degree of liking, with the most extreme case being
depth=1, only trusting / receiving mails from directly signed peers.

Best regards,

Nico

[A0] Did not talk about how to remove before - this almost smells like
X509 with revocation lists/OCSP - so maybe a bit more involved than just
public keys.
-- Sustainable and modern Infrastructures by ungleich.ch
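Added here as an illustration, not code from the thread or from ungleich: a small Python model of the acceptance rule discussed above (a local trust depth, a refusal list that matches the sender's key rather than its signatures, and local revocation of a signature once misbehaviour is exposed). The key ids and the signature graph are constructed placeholders, and the anchor "ME" stands for the receiving entity's own key.

```python
from collections import deque

# Constructed sample: who has signed whose key. Key ids are hypothetical.
SIGNATURES = {
    "ME": {"ISP-A", "ISP-B"},
    "ISP-A": {"ISP-C"},
    "ISP-B": {"BAD"},    # ISP-B signed a key we have since put on our refusal list
    "BAD": {"ISP-D"},    # the refused key has itself signed a legitimate key
}


def trusted_keys(anchor, signatures, depth):
    """Keys reachable from the local anchor within `depth` signature hops.

    depth=1 is the most restrictive setting: only directly signed peers.
    """
    seen = {anchor}
    frontier = deque([(anchor, 0)])
    while frontier:
        key, dist = frontier.popleft()
        if dist == depth:
            continue
        for signed in signatures.get(key, ()):
            if signed not in seen:
                seen.add(signed)
                frontier.append((signed, dist + 1))
    seen.discard(anchor)
    return seen


def accept_mail(sender_key, anchor, signatures, depth, refused):
    """Decide on a sending server's key; returns (decision, reason).

    The refusal list is matched on the sender's key only. It is deliberately
    not propagated along signatures, so a refused key cannot invalidate the
    keys it has signed (anyone can sign a key).
    """
    if sender_key in refused:
        return ("REJECT", "key is on the local refusal list")
    if sender_key in trusted_keys(anchor, signatures, depth):
        return ("OK", f"trust path within depth {depth}")
    return ("REJECT", "no trust path from local anchor")


def revoke_signature(signatures, signer, signed):
    """Local self-healing: drop a signature once misbehaviour is exposed."""
    signatures.get(signer, set()).discard(signed)
```

With the sample graph, ISP-D stays accepted at depth 3 even though BAD is refused, and is only cut off once ISP-B's signature on BAD is revoked.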