Efficient Email System Training

Dive into a comprehensive training program on efficiently managing emails using cutting-edge tools and techniques. Learn how to send, format, and customize emails, manage attachments, and enhance communication with volunteers seamlessly. Maximize productivity with valuable insights and hands-on guidance.

• Email System
• Training
• Volunteer Management
• Communication
• Productivity

yoey774 Follow

Uploaded on Feb 28, 2025 | 1 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

Presentation Transcript

1. SDNS Influence on Email Security Standards 2022 Cryptologic History Symposium Russ Housley Founder, Vigil Security, LLC Vigil Security LLC 12 May 2022

2. Simplified Email Security History SDNS Message Security Protocol (MSP) Privacy Enhanced Mail (PEM) S/MIME v3.0 S/MIME v2 S/MIME v1 1999 1984 S/MIME v4.0: 2019 Vigil Security LLC

3. Privacy Enhanced Mail (PEM) PEM was created by the Privacy & Security Research Group; work started 1984, and initial design in early 1986 First PEM specification: February 1987 (RFC 989) Improvements: January 1988 (RFC 1024) Certificates August 1989 (RFCs 1113-1115) Algorithm Agility February 1993 (RFCs 1421-1424) Certificate Mgmt Core Idea 1: Confidentiality and integrity of the content with a single-use data-encrypting key (DEK) Core Idea 2: Encrypt the DEK for each email recipient with a long-lived key Fun Fact: PEM first specified Base64 encoding Vigil Security LLC

4. SDNS Message Security Protocol SDNS started in 1986; first MSP specification in 1987 Unclassified protocol, but classified algorithms Used both core ideas from PEM for encryption; however, the long-lived key was carried in a certificate Originator signature is validated by all recipients, where the signature public key was carried in a certificate Dead Idea: Fetch certificates and other digital objects from the X.500 Directory Robust support for mail lists, signed receipts, and label-based access control Deployment: Defense Message System (~2 million users) Vigil Security LLC

5. SDNS Message Security Protocol SDNS was about security for OSI protocols. As a result, MSP was designed to provide security for X.400 email. Vigil Security LLC

6. S/MIME v1 and v2 MIME (Multipurpose Internet Mail Extensions) expanded Internet email to allow attachments of many types RSA Data Security developed the S/MIME specification to employ the MIME conventions to provide encryption and signature of email messages S/MIME v1 and v2 used only the RSA algorithm for key management and digital signature Allowed more than one signature on same content In 1998, RSA Data Security turned over change control of the S/MIME specification to the IETF with the goal of wider adoption (RFCs 2311-2312) Vigil Security LLC

7. S/MIME v1 and v2 S/MIME provides security for MIME-enabled Internet email. RFC 821 Envelope RFC 822 Header Content-Type: application/pkcs7-mime; smime-type=enveloped-data Certificates Recipient tokens Content-Type: application/pkcs7-mime; smime-type=signed-data Certificates One or more digital signatures Each signature has its own authenticated Signing Time Content-Type: ... (The protected content.) Vigil Security LLC

8. S/MIME v3.0 Backward compatible with S/MIME v2 Algorithm agility not just RSA anymore Add support for mail list key management, signed receipts, label-based access control All of these come from MSP! Separate security labels for plaintext and ciphertext Published in 1999: RFCs 2630-2634 S/MIME is still used today S/MIME v4.0 was published in 2019 (RFCs 8550-8551) Vigil Security LLC

9. S/MIME v3.0 Content-Type: application/pkcs7-mime; smime-type=signed-data Certificates and CRLs One or more digital signatures Each signature has its own authenticated attributes ML Expansion History, Security Label, Content Description, etc. Content-Type: application/pkcs7-mime; smime-type=enveloped-data Certificates and CRLs Recipient and mail list tokens Content-Type: application/pkcs7-mime; smime-type=signed-data Certificates and CRLs One or more digital signatures Each signature has its own authenticated attributes Receipt Request, Security Label, Signing Time, etc. Content-Type: ... (The protected content.) Vigil Security LLC

10. Thank you! SDNS Message Security Protocol (MSP) Privacy Enhanced Mail (PEM) S/MIME v3.0 S/MIME v2 S/MIME v1 Vigil Security LLC