Cryptographic signatures

From ASRG
Revision as of 15:42, 8 November 2012 by Jrlevine (talk | contribs) (Created page with "{{ast |date=late 1990s |difficult=High |popular=Medium |effective=High |harm=Low |where=MTA/MUA }} Cryptographic signatures associate a forgery-resistant identity with an e-ma...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search
Anti-spam technique: Cryptographic signatures
Date of first use: late 1990s
Effectiveness: High
Popularity: Medium
Difficulty of implementation: High
Where implemented: MTA/MUA
Harm: Low

Cryptographic signatures associate a forgery-resistant identity with an e-mail message. They are not directly useful as anti-spam technique, but can be used in connection with reputation systems, so that a message signed with an identity that has a good reputation can be whitelisted or otherwise handled differently.

Some signatures such as S/MIME and PGP use an e-mail address as the identity and sign the body of the message. DKIM and its predecessor DomainKeys sign the entire message using a domain name as the identity.