Return to search

Deployment and analysis of DKIM with DNSSEC / Driftsättning och analys av DKIM med DNSSEC

As the email system is widely used as a communication channel, and often is crucial for the performance of organizations, it is important that users can trust the content of what is being delivered to them. A standard called DomainKeys Identified Mail (DKIM) has been developed by the IETF to solve the problem with authentication and integrity, by using digital signatures. This master's thesis goal is to evaluate the solution where an implementation of DKIM is extended with DNSSEC validation. DNSSEC is a solution which secures, among other, the mapping between IP addresses and domain names. The implementation of DKIM is deployed and evaluated with function testing, domain testing, threat analysis, and interoperability testing.DKIM does not need any new public-key infrastructure, thus inflicting less cost on the deployment compared with other cryptographic solutions such as S/MIME and PGP. We recommended to use DKIM together with DNSSEC to secure the transportation of the DKIM public key. The upcoming standard ADSP can inform the recipient of whether a domain is signing its email or not and thereby a possibility to detect any unauthorized signature removal. A further problem is that mailing lists often manipulate the email, thus breaking the signature. We therefore recommend to send email directly to the recipient or active DKIM signing on the mailing lists.

Identiferoai:union.ndltd.org:UPSALLA1/oai:DiVA.org:liu-15899
Date January 2008
CreatorsBondesson, Rickard
PublisherLinköpings universitet, Institutionen för datavetenskap
Source SetsDiVA Archive at Upsalla University
LanguageEnglish
Detected LanguageEnglish
TypeStudent thesis, info:eu-repo/semantics/bachelorThesis, text
Formatapplication/pdf
Rightsinfo:eu-repo/semantics/openAccess

Page generated in 0.0018 seconds