Messaging Forum

Objective of Meeting

The Open Group Messaging Forum, because of its origins in EMA, conducts most of its activities in North America and works with EEMA in Europe.

This meeting in Dublin had two objectives:

  1. To provide an update on the latest activities of the Forum and developments in Messaging
  2. To consider proposals for a number of new work items for the Messaging Forum

Summary

Introduction

Mike Lambert, Director of the Messaging Forum, provided an Introduction to the meeting and identified a number of key characteristics of the Internet email system that add to the complexity of solutions to key customer requirements:

  • The store-and-forward model of Internet email
  • The extensive use of mediators which modify the contents of a message in some way during the transmission processes

Practical Lessons in Email Security

There is a growing recognition of the need to protect the contents of email through encryption. The first session of the meeting reported on the current status of different approaches.

Russ Chung, Co-Chair of the Messaging Forum, provided an overview of Secure Messaging Models, comparing and contrasting a number of mechanisms:

  • End-to-end secure messaging
  • Gateway-to-gateway secure messaging
  • Web-enabled secure messaging

Wen Fang, from Boeing, Co-Chair of the Messaging Forum, talked about the Design and Deployment of End-to-End Email Encryption. The presentation explained how the original needs have been satisfied and how this is now being deployed as a contractual requirement for working with Boeing. An important element of this process was the Messaging Forum Secure Messaging Challenge which developed the overall architecture and demonstrated the feasibility of open standards based on strong encryption of email.

Mike Lambert described Domain Gateway Encryption, a simpler approach in which email is encrypted at the domain boundary for transmission across public networks. This is a much more manageable approach for small and medium enterprises that lack the resources to implement a full PKI and meets the regulatory compliance requirements of many market segments (e.g., healthcare). In collaboration with the Massachusetts Health Data Consortium, the Messaging Forum has developed a certification program to ensure interoperability between products that encrypt at the domain gateway.

Stephan Wappler, from Noventum Consulting, presented an approach to Secure Data Exchange over External Hosted Mailing Lists. This is a case study for the general problem associated with mediator systems, such as mailing list exploders, and handling encrypted email. This presentation showed the results of a practical approach that demonstrates feasibility.

Conclusions of this session:

  • There are now practical, open standards-based approaches to email encryption available to all sizes of company (although the challenges of key discovery and exchange remain).

Practical Lessons in Spam Control

Unsolicited email (Spam) remains a major challenge. The impact of the flood of unwanted messages is a major cost to business and a major threat to the effectiveness of email.

In an extended presentation, Mike Lambert provided an up-to-date review of approaches to control and eventually eliminate Spam, addressing:

  • The scale of the problem
  • The current (lack of) effectiveness of anti-Spam legislation
  • The use of filters to intercept Spam
  • New initiatives to authenticate the senders of email
  • The role of reputation services

The ability to authenticate the originator (or originator's domain) of an email is an essential enabler for more reliable message filters and enforcement of legislation. Several approaches are now being deployed:

  • Path-based (Sender Policy Framework/Sender-ID)
  • Crypto-based (Domain Keys, Identified Internet Mail)

Practical recommendations from this session:

  • Companies should create an SPF record defining the systems that they use to send email now. The cost is low, the risk is low, and there is an immediate reduction in the amount of bounced mail arising from mail sent by imposters.
  • Companies should consider upgrading their Message Transfer Agents to check SPF records soon. The major vendors have software just about ready to ship.
  • It is probably worth holding off on implementation of cryptography-based approaches until the merging of the Domain Keys and Identified Internet Mail specifications is complete (later this year).
  • Companies should start to worry about their email reputation now, making sure that policies are in place to prevent events that would generate a negative reputation, such as an ill-managed direct marketing campaign.

Microsoft Windows Rights Management Services

Martin Linda, from Siemens Business Services and representing EEMA, introduced the Microsoft Windows Rights Management Services, using a presentation prepared by Steven Adler of Microsoft.

This approach includes document encryption and Rights Management Services to issue licenses (which include decryption keys) to authorized users. As such, it provides a mechanism for protecting documents when they are transmitted by email, and an alternative approach to email security.

The conclusion of this session was that the applicability of this approach may be constrained by the apparent proprietary nature of the solution.

Bridging the Bridges - Policy Mapping

One of the new work items proposed for the Messaging Forum (see below) relates to the establishment of standardized Certificate Policies (CPs) to reduce the load associated with the development and auditing of CPs.

As background to this discussion a number of different requirements for Certificate Policies were examined.

Gzim Ocakoglu, from the European Commission, presented the status of a Bridge/Gateway Pilot Project. The project has the objective of establishing an intermediate trust infrastructure for Europe-wide e-Government services. The project is currently reaching the end of a pilot phase and is likely to result in recommendations for an operational European Bridge/Gateway CA.

Russ Chung provided a status report on the US Federal Bridge-CA, using presentation materials prepared by Judith Spencer of NSA and followed up with an analysis of Policy and Procedure Considerations:

  • Levels of assurance
  • Relying party agreements
  • Liability
  • Compliance audits

He concluded that reconciling differences between the Federal Bridge CA and other bridge CAs or primary CAs is non-trivial.

Peter Steiert, from Teletrust, presented the current status of the European Bridge-CA, an operational system of the business community, currently primarily but not exclusively in Germany. The architecture of the bridge includes Certificate Exchange with Directory and Validation Services. It has a single level of assurance that does not map directly onto any of the levels of the Federal Bridge-CA.

New Project Proposals

A number of new projects were presented for consideration by members of the Messaging Forum:

  • Federated Instant Messaging
    The growth of Instant Messaging brings benefit to enterprises that embrace it, but lack of interoperability reduces its effectiveness and introduces unnecessary management complexity. The proposal seeks to integrate existing IM services, using existing accounts and credentials for external IM users.
  • Federated Free/Busy Proposal
    Scheduling meetings, particularly where participants are geographically dispersed, is a time-consuming process involving multiple rounds of negotiation to establish an acceptable date/time. Heavyweight calendaring and scheduling initiatives have been underway for a decade and have yet to address this requirement. The proposal seeks to establish a simple protocol to establish the free/busy status of people. 
  • Standardized Certificate Policy Assurance
    Creation and auditing of Certificate Policies is currently delaying the deployment of PKI-based encryption of email. This proposal seeks to reduce an NxN problem to Nx2 or Nx3 through the establishment of a small number of broadly accepted standard Certificate Policies and an independent auditing program.
  • Secure Messaging Consultant Certification
    The lack of access to suitably skilled external resources is currently delaying the deployment of secure messaging systems. What is required is a mechanism to help companies wanting to deploy secure messaging to locate suitable external consultants and to be confident that they have the necessary skills and knowledge. This proposal seeks to build on the model established by The Open Group Architecture Forum for TOGAF certified practitioners and IT Architect Certification.

Outputs

The major public output is this report.

More detailed minutes and action lists associated with the new project proposals are available to members of the Messaging Forum.

Next Steps

Members of the Messaging Forum will be developing more detailed proposals for each of the new project proposals between now and the July meeting in New York City.

The agenda for that meeting will combine a public briefing on the work of the Messaging Forum and working sessions, restricted to members of the Forum, to progress both the new project proposals and existing work-in-progress (Manager's Guide to Coping with Spam, Manager's Guide to Secure Messaging, Version 2 of the S/MIME Gateway certification program).

Links

See above.


   