Email, Messaging, and SSI/DID (Rebroadcast)
by
sylph01
Slide 1
Slide 1 text
Email, Messaging, and SSI/DID Ryo Kajiwara / sylph01 @ #idcon, 2020/11/19, Japanese-language rebroadcast
Slide 2
Slide 2 text
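Notes • This talk is more a statement of opinion than anything else • What Qiita would at one point have called a "poem" • Its purpose is to put forward ideas for discussion • So it is not a demo of product development results • There are also bound to be plenty of holes in the arguments and premises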
Slide 3
Slide 3 text
No content
Slide 4
Slide 4 text
TL;DR
Slide 5
Slide 5 text
Stop using SMTP
Slide 6
Slide 6 text
How do we stop?
Slide 7
Slide 7 text
No content
Slide 8
Slide 8 text
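Properties we want from messaging • End-to-end encryption • Which several countries have recently been trying to ban, apparently? • Encrypted group messaging • Control over data • Control over how identity is represented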
Slide 9
Slide 9 text
Q: Why are we still using email when we have LINE / Facebook Messenger / WhatsApp etc.?
Slide 10
Slide 10 text
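Q: Why are we still using email when we have LINE / Facebook Messenger / WhatsApp etc.? • SMTP has no adequate encryption or authentication • Email normally has no end-to-end encryption • Even with PGP or S/MIME, encrypted communication with a group is not possible • Email has spam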
Slide 11
Slide 11 text
Q: Why are we still using email when we have LINE / Facebook Messenger / WhatsApp etc.? A: Because you can receive messages from people with whom you have no prior trust relationship
Slide 12
Slide 12 text
But email has spam!
Slide 13
Slide 13 text
Email has spam because of the anonymity built into the protocol
Slide 14
Slide 14 text
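Email's anonymity: The property of "being able to receive messages from people with whom you have no prior trust relationship" also applies to the telephone, but email has no anti-abuse mechanism of the kind the telephone has. This is a consequence of email's anonymity. • If someone abuses the telephone, the call can be traced back • In email, spoofing an identity is easy and catching the offender is hard • Or rather, email has no proper identity layer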
Slide 15
Slide 15 text
Spammers use email's anonymity to do harm
Slide 16
Slide 16 text
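Do we even want anonymous email in the first place? Anonymous email is very likely to be spam. When you want to establish a new trust relationship, there is not much to be gained from being anonymous.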
Slide 17
Slide 17 text
Then shouldn't we just use S/MIME across the board?
Slide 18
Slide 18 text
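Problems with S/MIME • Expensive • Bound to the purpose the certificate was issued for • A certificate may prove your affiliation with a particular organization, but • that does not mean you want to wear that particular hat all the time on the Internet • "Why not just use multiple certificates?" Back to line 1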
Slide 19
Slide 19 text
A more drastic solution: automatically accept any mail signed with a My Number Card certificate
Slide 20
Slide 20 text
Nobody would send spam from an account tied to their My Number, would they?
Slide 21
Slide 21 text
Anyone who has gone out of their way to come and hear about SSI/DID will understand what is scary about this, though
Slide 22
Slide 22 text
No content
Slide 23
Slide 23 text
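Email's self-sovereignty: SMTP/POP/IMAP were originally protocols that satisfied self-sovereignty, as long as you ran your own server. • You can issue your own IDs • You can use different IDs for different purposes • You can keep control of your own data yourself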
Slide 24
Slide 24 text
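Email's self-sovereignty: Hardly anyone does that these days. • SMTP: authenticating properly is hard. Get even one setting wrong and your server becomes a stepping stone for spam. • IMAP: essential for multi-device access, but you end up in storage-management hell. As a result, protocols that should have been self-sovereign ended up allowing centralization.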
Slide 25
Slide 25 text
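Email's self-sovereignty: The centralization of email is making the spam problem worse. The behavior of centralized email providers' spam filters is not sufficiently transparent, and even mail with no malicious intent gets swallowed by the spam filter. Mail that does not go through a centralized email provider finds it harder to earn the spam filter's trust, which drives centralization further. (Admittedly, if the filters were transparent, spammers would use that to get around them, which would be a problem in its own right...)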
Slide 26
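Slide 26 text
"Principles of User Sovereignty / Fundamental Problems of Distributed Systems" @ IIW30: "When the fundamental problems of distributed systems cannot be solved, they themselves invite centralization by corporations (corporate capture)." Email is the prime example of this. Because the essential problems of distributed systems were never adequately solved, companies saw an opportunity to monetize them and email became centralized.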
Slide 27
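Slide 27 text
"Fundamental Problems of Distributed Systems" Examples: • Node discovery (for email, needed to determine where to send a message) • Session establishment when a node joins the network (introduction) • Privacy (identifiers that allow long-term correlation) • Trust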
Slide 28
Slide 28 text
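What is scary about email being the core of digital identity: When you forget a password, the reset is usually done through email, right? → If your email is taken over, your entire identity on the Internet can be taken over. Whether or not secure messaging can replace it, using an insufficiently secure protocol/ecosystem as the core of digital identity is dangerous, and we need to think about alternatives.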
Slide 29
Slide 29 text
No content
Slide 30
Slide 30 text
How can we solve this?
Slide 31
Slide 31 text
A pre-emptive note: this is basically the "Better PGP" discussion, isn't it? → I know.
Slide 32
Slide 32 text
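Email using Verifiable Credentials: How can we carve out and use a different representation of identity for each transaction (here, an email exchange)? → Use a verifiable credential that corresponds to that particular representation of identity. The spam filter evaluates the validity and trustworthiness of the VC associated with the email.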
Slide 33
Slide 33 text
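Email using Verifiable Credentials: What is the benefit? • Sender: (as long as the mail is for a legitimate purpose) less likely to be caught by spam filters • As a bonus, no need to wear an official hat all the time • Recipient: less spam, and legitimate mail arrives in the inbox • With a proper protocol extension, it can coexist with the current SMTP ecosystem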
Slide 34
Slide 34 text
Messaging Layer Security https://messaginglayersecurity.rocks/ An IETF WG that is working to define a protocol for secure, interoperable group messaging. It has end-to-end encryption (naturally) and supports encrypted group messaging. It requires an ID on a particular platform.
Slide 35
Slide 35 text
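DIDComm: The communication mechanism between DID Agents described in Aries RFC 0005: DID Communication. Rather than there being one protocol called DIDComm, it is more accurate to say that application-specific protocols are implemented on top of DIDComm. The Explainer implements a protocol for tic-tac-toe on top of DIDComm.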
Slide 36
Slide 36 text
DIDComm: Its main characteristics are that it is "asynchronous, simplex messaging", "transport-agnostic", and "end-to-end encrypted". Discovery of the destination is done by establishing a DID Relationship.
Slide 37
Slide 37 text
No content
Slide 38
Slide 38 text
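Summary • Besides "encryption is insufficient", email has the further problem that it "has no proper identity layer" • If we leave building the identity layer to centralized email providers, email loses its latent self-sovereignty • Shouldn't we either build an identity layer for email with DID and VC technology, or simply ride on DIDComm, a protocol that already has a DID-based identity layer?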