The Internet Engineering Task Force (IETF) will be meeting next week in Quebec City. The IETF, which produces the RFC document series that defines Internet standards, hosts a lot of activity that is of current interest to the messaging security community. Cloudmark is a very active participant in these processes, as a means of staying ahead of the technology curve while also influencing its direction.
As I blogged back in April, the industry has been working on an Internet standard called DKIM, or DomainKeys Identified Mail, which is a young but promising email security technology. This past week the IETF approved publication of a revised version of the DKIM specification, with Cloudmark as a co-editor. This is a significant milestone in that DKIM is now recognized as having proven itself and thus has reached an elevated maturity level (“Draft Standard”). We anticipate this will encourage development of new systems that can capitalize on DKIM to improve the email experience as DKIM gains wider acceptance and deployment.
Cloudmark is also spearheading the effort to create a new working group within the IETF to develop new protocols that enable reputation services, not only for reputations about domain names, but anything about which you might want to ask for a rating. The interest in the idea within industry is clearly visible, and the discussion should be lively. We’re already looking at ways to capitalize on the data we collect on an ongoing basis to participate actively in this evolution.
We’re directly involved in a working group that talks about standardizing feedback loops (FBLs). These are automated streams of data from users directly to service providers about messages they receive that are abusive, enabling those service providers to respond more quickly. (When you click “Report Spam”, you’re putting data into an FBL.) Cloudmark uses FBLs to collect spam reports and thus keep our system’s accuracy at the top of its class. This work is also branching out into the mobile world, where we’ve been making quite a splash lately.
We’ve started work on a best practices document that’s intended to get all vendors to converge on how they interpret certain malformations in the mail stream. Differences in how components handle these cases can enable certain attacks, and we’re doing this work to try to close those gaps so that this class of attack is harder or impossible to mount in the future. There’s some interest in branching this work into a similar document that covers the behaviour of web browsers.
Cloudmark has also been approached by people inside ICANN (the Internet Corporation for Assigned Names and Numbers) to work on a revised specification for WHOIS, the perennial tool for looking up registrants of domain names and network blocks. Very early conversations within the IETF about what such a revised system should look like are already taking place. We’re interested in the success of this because a reliable WHOIS system would go a long way to identifying bad actors long before they ever get near your inbox. We’re already involved at the ground level.
We monitor the people who are doing work on internationalizing email addresses. Not only are email systems going to have to cope with the added complexity of supporting these, but we need to think ahead to how bad actors will try to exploit these changes to get into your inbox, and plan accordingly.
And we’re keeping a very close eye on developments within the IPv6 working groups. As you’ve undoubtedly heard by now, IPv6 is being slowly deployed at all major service providers. Since a lot of your perimeter security in messaging is based on IP addresses, it’s important that those systems either transition smoothly into the world of IPv6 or are replaced with something that’s as good or better. There’s considerable debate about the efficacy of one of these rollout tools (“6to4”), and we’re watching to see how it plays out.
Those are just the highlights. There are many more working groups doing interesting things in and around messaging. It’s going to be a busy and exciting week as we get some hints from all of this of what the future of messaging might look like. Come back to the blog in early August to find out!