NIST Trustworthy Email Project High Assurance Domain Project Scott - - PowerPoint PPT Presentation

▶

Mar 15, 2023 250 likes •309 views

NIST Trustworthy Email Project High Assurance Domain Project Scott Rose, NIST scottr@nist.gov ICANN Meeting Oct. 15 th , 2014 Los Angeles CA First, A Bit of History 2011 USG DNSSEC Tiger Team has a 2 nd goal: authenticated email

SLIDE 1

High Assurance Domain Project

NIST Trustworthy Email Project

Scott Rose, NIST

scottr@nist.gov

ICANN Meeting Oct. 15th, 2014 Los Angeles CA

SLIDE 2

High Assurance Domain Project

First, A Bit of History

2011 USG DNSSEC Tiger Team has a 2nd goal:

authenticated email

– Deployment of Sender Policy Framework (SPF) and Domain Keying (DKIM) seen as first step – Authenticated email seen as vital for G2G and G2C communications

Right now, agencies explicitly state never to trust unsolicited

email originating from them.

DNSSEC seen as the enabling technology

SLIDE 3

High Assurance Domain Project

NIST HAD Project

Enterprise level email security

– SPF/DKIM/DMARC deployment – SMTP over TLS using DANE

End-to-End email security using the DNS as a

trust infrastructure

– OpenPGP – S/MIME

SLIDE 4

High Assurance Domain Project

What HAD is Doing

Monitoring for security artifacts in DNS

– USG, banks, EDU

Interactive test tools

– SPF/DKIM/DMARC – OPENPGP – SMIMEA

Guidance Documents

– NIST Special Publications

Protocol specifications

NIST Trustworthy Email Project

Scott Rose, NIST

First, A Bit of History

authenticated email

– Deployment of Sender Policy Framework (SPF) and Domain Keying (DKIM) seen as first step – Authenticated email seen as vital for G2G and G2C communications

NIST HAD Project

– SPF/DKIM/DMARC deployment – SMTP over TLS using DANE

trust infrastructure

– OpenPGP – S/MIME

What HAD is Doing

https://www.had-pilot.com/