10. Other Topics ..................................................39
10.1. Issues Specific to SPF ...................................39
10.2. DNS Load and Caching .....................................40
10.3. Rejecting Messages .......................................40
10.4. Identifier Alignment Considerations ......................41
10.5. Interoperability Issues ..................................41
11. IANA Considerations ...........................................42
11.1. Authentication-Results Method Registry Update ............42
11.2. Authentication-Results Result Registry Update ............42
11.3. Feedback Report Header Fields Registry Update ............44
11.4. DMARC Tag Registry .......................................44
11.5. DMARC Report Format Registry .............................45
12. Security Considerations .......................................46
12.1. Authentication Methods ...................................46
12.2. Attacks on Reporting URIs ................................46
12.3. DNS Security .............................................47
12.4. Display Name Attacks .....................................47
12.5. External Reporting Addresses .............................48
12.6. Secure Protocols .........................................48
13. References ....................................................49
13.1. Normative References .....................................49
13.2. Informative References ...................................50
Appendix A. Technology Considerations .............................52
A.1. S/MIME .....................................................52
A.2. Method Exclusion ...........................................53
A.3. Sender Header Field ........................................53
A.4. Domain Existence Test ......................................54
A.5. Issues with ADSP in Operation ..............................54
A.6. Organizational Domain Discovery Issues .....................55
Appendix B. Examples ..............................................56
B.1. Identifier Alignment Examples ..............................56
B.2. Domain Owner Example .......................................58
B.3. Mail Receiver Example .....................................63
B.4. Utilization of Aggregate Feedback: Example .................64
B.5. mailto Transport Example ...................................65
Appendix C. DMARC XML Schema ......................................66
Acknowledgements ..................................................73
Authors' Addresses ................................................73
10. その他 ........................................................39 10.1. SPF特有の問題 ............................................39 10.2. DNSの負荷およびキャッシング ..............................40 10.3. メッセージ拒否 ...........................................40 10.4. 識別子アライメントに対する検討事項 .......................41 10.5. 相互運用性の問題 .........................................41 11. IANAによる検討事項 ............................................42 11.1. Authentication-Results方法レジストリの更新 ...............42 11.2. Authentication-Results結果レジストリの更新 ...............42 11.3. Feedback Report Header Fieldsレジストリの更新 ............44 11.4. DMARCタグレジストリ ......................................44 11.5. DMARC Report Format レジストリ ...........................45 12. セキュリティに対する検討事項 ..................................46 12.1. 認証方法 .................................................46 12.2. 報告URIに対する攻撃 ......................................46 12.3. DNSセキュリティ ..........................................47 12.4. 表示名による攻撃 .........................................47 12.5. 外部報告アドレス .........................................48 12.6. 保護プロトコル ...........................................48 13. 参照資料 ......................................................49 13.1. インターネット標準にかかわる参照資料......................49 13.2. 参考資料 .................................................50 付録A. 技術検討事項 ...............................................52 A.1. S/MIME .....................................................52 A.2. 認証方法の除外 .............................................53 A.3. Senderヘッダフィールド .....................................53 A.4. ドメイン存在判定............................................54 A.5. 運用時のADSPの問題..........................................54 A.6. 組織ドメイン検索の問題......................................55 付録 B.例..........................................................56 B.1. 識別子アライメント成立の例..................................56 B.2. ドメイン所有者の例..........................................58 B.3. メール受信者の例 ..........................................63 B.4. 集約フィードバックの利用例..................................64 B.5. mailtoの送信例..............................................65 付録C. DMARC XMLスキーマ ..........................................66 謝辞...............................................................73 著者連絡先.........................................................73
1. Introduction
The Sender Policy Framework ([SPF]) and DomainKeys Identified Mail
([DKIM]) provide domain-level authentication. They enable
cooperating email receivers to detect mail authorized to use the
domain name, which can permit differential handling. (A detailed
discussion of the threats these systems attempt to address can be
found in [DKIM-THREATS].) However, there has been no single widely
accepted or publicly available mechanism to communication of
1. はじめに
Sender Policy Framework ([SPF])およびDomainKeys Identified Mail ([DKIM])は、ドメインレベルの認証を行い、協調関係にある電子メール受信者がドメイン名の使用を許可されたメールを検出して、異なる処理が可能となる。(これらのシステムが対処しようとする脅威の詳細内容に関しては、[DKIM-THREATS]を参照していただきたい。) ただし、ドメイン特有のメッセージ処理ポリシーを受信者に通知したり、認証レポートや受信メールの処理を要求したりすることに対しては、広く受け入れられて公開されているメカニズムは存在していない。
[Page 3]
| 《PREV》 |