Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Email, Messaging, and SSI/DID (再放送)
Search
sylph01
November 19, 2020
Technology
0
1.5k
Email, Messaging, and SSI/DID (再放送)
@ #idcon vol.28
https://idcon.connpass.com/event/191305/
sylph01
November 19, 2020
Tweet
Share
More Decks by sylph01
See All by sylph01
Updates on MLS on Ruby (and maybe more)
sylph01
1
200
End-to-End Encryption Saves Lives. You Can Start Saving Lives With Ruby, Too (RubyConf Taiwan 2025 ver.)
sylph01
1
97
PicoRuby's Networking is Incomplete
sylph01
1
46
The Definitive? Guide To Locally Organizing RubyKaigi
sylph01
6
1.7k
End-to-End Encryption Saves Lives. You Can Start Saving Lives With Ruby, Too
sylph01
1
140
End-to-End Encryption Saves Lives. You Can Start Saving Lives With Ruby, Too (JP subtitles)
sylph01
2
680
Introduction to C Extensions
sylph01
3
220
"Actual" Security in Microcontroller Ruby!?
sylph01
0
160
Everyone Now Understands AuthZ/AuthN and Encryption Perfectly and I'm Gonna Lose My Job
sylph01
1
78
Other Decks in Technology
See All in Technology
Data Hubグループ 紹介資料
sansan33
PRO
0
2.2k
「最速」で Gemini CLI を使いこなそう! 〜Cloud Shell/Cloud Run の活用〜 / The Fastest Way to Master the Gemini CLI — with Cloud Shell and Cloud Run
aoto
PRO
0
140
名刺メーカーDevグループ 紹介資料
sansan33
PRO
0
940
映像エッジAIにおけるNode-RED活用事例
emirmatsui
0
120
SCONE - 動画配信の帯域を最適化する新プロトコル
kazuho
1
310
クラウドとリアルの融合により、製造業はどう変わるのか?〜クラスメソッドの製造業への取組と共に〜
hamadakoji
0
280
今この時代に技術とどう向き合うべきか
gree_tech
PRO
2
2.1k
Okta Identity Governanceで実現する最小権限の原則 / Implementing the Principle of Least Privilege with Okta Identity Governance
tatsumin39
0
150
初めてのDatabricks Apps開発
taka_aki
1
230
生成AIを安心して活用するために──「情報セキュリティガイドライン」策定とポイント
gree_tech
PRO
0
150
CoRL 2025 Survey
harukiabe
1
240
「魔法少女まどか☆マギカ Magia Exedra」の多様なバトルの開発を柔軟かつ効率的に実現するためのPure C#とUnityの分離について
gree_tech
PRO
0
230
Featured
See All Featured
RailsConf 2023
tenderlove
30
1.3k
Why Our Code Smells
bkeepers
PRO
340
57k
jQuery: Nuts, Bolts and Bling
dougneiner
65
7.9k
Optimizing for Happiness
mojombo
379
70k
How to Ace a Technical Interview
jacobian
280
24k
Java REST API Framework Comparison - PWX 2021
mraible
34
8.9k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
249
1.3M
What's in a price? How to price your products and services
michaelherold
246
12k
Unsuck your backbone
ammeep
671
58k
Product Roadmaps are Hard
iamctodd
PRO
55
11k
We Have a Design System, Now What?
morganepeng
53
7.8k
Site-Speed That Sticks
csswizardry
13
920
Transcript
Email, Messaging, and SSI/DID Ryo Kajiwara / sylph01 @ #idcon,
2020/11/19, ຊޠ࠶์ૹ
ҙࣄ߲ • ͜ΕͲͪΒ͔ͱ͍͏ͱҙݟද໌ͷΑ͏ͳੑ࣭ͷൃදͰ͢ • Ұ࣌ظͷQiitaͰ͍͏ͱ͜ΖͷʮϙΤϜʯ • ٞͷͨΊͷΞΠσΞग़͠Λ͢Δੑ࣭ͷͷͰ͢ • ΑͬͯɺϓϩμΫτ։ൃՌͷσϞͰ͋Γ·ͤΜ •
·ͨɺٞલఏʹൈ͚݀༨༟Ͱଘࡏ͢ΔͣͰ͢
None
TL;DR
SMTPΛ ΊΖ
Ͳ͏ͬͯ ΊΔʁ
None
ϝοηʔδϯάʹٻΊΔੑ࣭ • End-to-End҉߸Խ • ࠷֤ۙࠃ͕ban͠Α͏ͱ͍ͯ͠Δͬͯʁ • ҉߸Խ͞Εͨάϧʔϓϝοηʔδϯά • σʔλͷ੍ޚ •
identityදݱͷ੍ޚ
Q: ͳΜͰLINE / Facebook Messenger / WhatsApp etc.͕͋Δͷ ʹϝʔϧͳΜ͔ͬͯ Δͷʁ
Q: ͳΜͰLINE / Facebook Messenger / WhatsApp etc.͕͋Δͷ ʹϝʔϧͳΜ͔ͬͯΔͷʁ •
SMTPेͳ҉߸ԽೝূΛ͍࣋ͬͯͳ͍ • Eϝʔϧ௨ৗEnd-to-End҉߸ԽΛ͍࣋ͬͯͳ͍ • PGPS/MIMEΛͬͨͱ͜ΖͰάϧʔϓʹର͢Δ҉߸Խί ϛϡχέʔγϣϯͰ͖ͳ͍ • Eϝʔϧʹspam͕͋Δ
Q: ͳΜͰLINE / Facebook Messenger / WhatsApp etc.͕͋Δͷ ʹϝʔϧͳΜ͔ͬͯΔͷʁ A:
ࣄલͷ৴པؔͷͳ͍ਓ͔Β ϝοηʔδΛड͚औΔ͜ͱ͕Ͱ͖Δ
Eϝʔϧʹspam͋Δ ͡ΌΜʂ
Eϝʔϧʹspam͕͋Δ ͷϓϩτίϧʹΈ ࠐ·Εͨಗ໊ੑ͕ݪҼ
Eϝʔϧͷಗ໊ੑ ʮࣄલͷ৴པؔͷͳ͍ਓ͔ΒϝοηʔδΛड͚औΕΔʯͱ͍͏ ੑ࣭ిʹ͋ͯ·Δ͕ɺEϝʔϧʹిʹ͋ΔΑ͏ͳ anti-abuse mechanismΛ͍࣋ͬͯͳ͍ɻ͜ΕEϝʔϧͷಗ໊ੑʹ ΑΔͷͰ͋Δɻ • ిΛabuseͨ͠߹ٯ୳͕Մೳ • Eϝʔϧʹ͓͍ͯidentityͷspoofing͕༰қͰɺั·͑Δ͜ͱ͕
ࠔ • ͱ͍͏͔Eϝʔϧʹ·ͱͳidentity layer͕ͳ͍
spammerEϝʔϧͷ ಗ໊ੑΛͬͯѱࣄΛ ಇ͘
ͦͦಗ໊ͷEϝʔϧɺཉ ͍͠ʁ ಗ໊ͷEϝʔϧߴ֬Ͱspamɻ ৽ͨʹ৴པؔ݁ͼ͍ͨ߹ಗ໊Ͱ͋Δ͜ͱʹ͍͍͜ͱͦΜͳ ʹͳ͍ɻ
͡Ό͋S/MIMEΛશҬత ʹ͍͍͑ͷͰʁ
S/MIMEͷ • ߴ͍ • ൃߦ͞Εͨ༻్ʹറΒΕΔ • ͋Δূ໌ॻಛఆͷorganizationʹ͓͚ΔॴଐΛূ໌ͯ͘͠Ε Δ͔͠Εͳ͍͕ • ΠϯλʔωοτͰৗʹͦͷಛఆͷࢠΛͣͬͱ͔Ϳ͍ͬͯͨ
͍͔ͱ͍͏ͱͦ͏Ͱͳ͍ • ෳͷূ໌ॻ͍͍͑͡ΌΜʁ1ߦʹΔ
ͬͱυϥεςΟοΫͳղ๏: ϚΠφϯόʔΧʔυͷ ূ໌ॻͰsign͞Εͨ ϝʔϧͳΒࣗಈతʹड ͚ೖΕΔ
୭ϚΠφϯόʔʹඥ ͍ͨΞΧϯτͰ spamͳΜ͔͠ͳ͍Ͱ ͠ΐʁ
·͋Θ͟Θ͟SSI/DIDͷ ฉ͖ʹདྷΔํͳΒ͜ ΕͷԿ͕ා͍͔Θ͔ Δͱࢥ͍·͕͢
None
Eϝʔϧͷself-sovereignੑ SMTP/POP/IMAPͱͱself-sovereignੑΛຬͨ͢ϓϩτίϧͰ ͋ͬͨɻࣗͰαʔόʔཱͯΔݶΓɻ • ࣗͰIDΛൃߦͰ͖Δ • ༻్ʹԠͯ͡IDΛ͍͚Δ͜ͱ͕Ͱ͖Δ • ࣗͷσʔλͷίϯτϩʔϧࣗͰ࣋ͭ͜ͱ͕Ͱ͖Δ
Eϝʔϧͷself-sovereignੑ ࠷ۙ୭ͦΜͳ͜ͱ͠ͳ͍ɻ • SMTP: దʹೝূ͢Δͷ͕͍͠ɻઃఆ1ݸͰؒҧ͑Δͱ spamͷ౿Έɻ • IMAP: ϚϧνσόΠεΞΫηεͳΒඞਢɻ͚ͩͲετϨʔδཧ ࠈʹؕΔ
݁Ռɺຊདྷself-sovereignͰ͋Δͣͷϓϩτίϧͳͷ͕ͩɺதԝ ूݖԽΛڐͯ͠͠·ͬͨ
Eϝʔϧͷself-sovereignੑ EϝʔϧͷதԝूݖԽspamͷΛΑΓѱԽ͍ͤͯ͞Δɻதԝ ूݖతEϝʔϧϓϩόΠμͷspamϑΟϧλͷಈ࡞ʹेͳಁ໌ੑ͕ ͳ͘ɺѱҙͷͳ͍ϝʔϧͰ͢ΒspamϑΟϧλʹҿ·ΕΔɻதԝू ݖతEϝʔϧϓϩόΠμΛར༻͍ͯ͠ͳ͍ϝʔϧspamϑΟϧλΛ ৴༻ͤ͞Δ͜ͱ͕͘͠ͳΓɺΑΓதԝूݖԽ͕ਐΉ ʢಁ໌ੑ͕͋ͬͨΒ͋ͬͨͰspamۀऀ͕ͦΕΛᷖճͯ͘͠ΔͷͰ Ϛζ͍ͱ͍͑ͦͷͱ͓Γ͕ͩ…ʣ
"Principles of User Sovereignty / Fundamental Problems of Distributed Systems"
@ IIW30 ʮࢄγεςϜͷ๊͑ΔࠜຊతͳΛղܾͰ͖ͳ͍ͱ͖ɺͦΕ اۀʹΑΔதԝूݖԽ(corporate capture)ΛࣗΒڐͯ͠͠·͏ʯ Eϝʔϧ·͞ʹ͜ͷ࠷ͨΔྫͰ͋ΔɻࢄγεςϜ๊͕͑Δຊ࣭ తͳʹରͯ͠ेͳղܾ͕ͳ͞Εͳ͔ͬͨͨΊɺاۀͦ͜ ʹϚωλΠζͷػձΛݟग़͠ɺதԝूݖԽͯ͠͠·ͬͨɻ
"Fundamental Problems of Distributed Systems" ྫ: • ϊʔυͷσΟεΧόϦʔ(Eϝʔϧͷ߹ૹ৴ઌͷ֬ఆʹඞཁ) • ϊʔυ͕ωοτϫʔΫʹࢀՃ͢Δࡍͷηογϣϯͷཱ֬
(introduction) • ϓϥΠόγʔ(ظతͳؔ࿈͚ͷࢠ) • τϥετ
Eϝʔϧ͕digital identityͷ֩ͱͳΔ ͜ͱͷා͍ ύεϫʔυΕͨͱ͖ͷϦηοτ͍͍ͩͨEϝʔϧΛ௨ͯ͠ߦΘ Ε·͢Ͷʁ →Eϝʔϧ͕ͬऔΒΕΔͱ͋ͳͨͷΠϯλʔωοτ্ͷidentity શͯͬऔΕ·͢ɻ secure messaging͕ସͰ͖Δ͔Ͳ͏͔͓͖ͯ͞ɺेʹηΩϡ ΞͰͳ͍ϓϩτίϧ/ΤίγεςϜΛdigital
identityͷ֩ͱ͢Δͷ ةݥͰ͋ΓɺସΛߟ͑Δඞཁ͕͋Δɻ
None
Ͳ͏ͨ͠ΒղܾͰ͖ Δʁ
༧ઢ: ͜Εͬͯཁ͢ΔʹBetter PGPͷͩΑͶʁ →ͬͯΔɻ
Verifiable CredentialΛ༻͍ͨEϝʔϧ ֤τϥϯβΫγϣϯʢ͜͜ͰEϝʔϧͷΓͱΓʹ૬͢Δʣ͝ ͱʹҟͳΔidentityͷදݱΛΓग़ͯ͠͏ʹͲ͏͢ΕΑ͍ ͔ʁˠಛఆͷidentityͷදݱʹରԠ͢Δverifiable credentialΛ͑ Α͍ spamϑΟϧλEϝʔϧʹؔ࿈͍ͮͨVCͷਖ਼ੑɾ৴པΛఆ ͢Δ
Verifiable CredentialΛ༻͍ͨEϝʔϧ Կ͕خ͍͠ʁ • ૹ৴ऀ: ʢϝʔϧ͕ਖ਼ͳ༻్Ͱ͋ΔݶΓʣspamϑΟϧλʹ ͻ͔͔ͬΔ͜ͱ͕ݮΔ • ͍ͭͰʹɺৗʹެࣜͳࢠ͔Ϳͬͯͳͯ͘Α͍ •
ड৴ऀ: spam͕ݮΔɺ·ͱͳϝʔϧ͕ड৴ശʹೖͬͯ͘Δ • ͪΌΜͱͨ͠ϓϩτίϧ֦ுΛ͢ΕݱࡏͷSMTPͷΤίγες ϜͱڞଘͰ͖Δ
Messaging Layer Security https://messaginglayersecurity.rocks/ ηΩϡΞͰinteroperableͳάϧʔϓϝοηʔδϯάͷͨΊͷϓϩτ ίϧΛఆٛ͠Α͏ͱ͍ͯ͠ΔIETFͷWGɻ End-to-End҉߸ԽΛ࣋ͭʢͦΕͦ͏ʣɺ҉߸Խάϧʔϓϝο ηʔδϯά͕Մೳ ಛఆͷϓϥοτϑΥʔϜʹ͓͚ΔID͕ඞཁ
DIDComm Aries RFC 0005: DID Communication Ͱઆ໌͞Ε͍ͯΔDID Agentಉ࢜ ͷίϛϡχέʔγϣϯϝΧχζϜɻ DIDCommͱ͍͏ϓϩτίϧ͕͋Δɺͱ͍͏ΑΓDIDCommͷ্ʹ
֤ΞϓϦέʔγϣϯ͝ͱͷϓϩτίϧΛ࣮͢Δɺͱ͍͏΄͏͕ ͯ·ΔɻExplainerͰ˓×ήʔϜ༻ͷϓϩτίϧΛDIDCommͷ ্Ͱ࣮͍ͯ͠Δɻ
DIDComm ओͳಛͱͯ͠ɺʮඇಉظɺ୯ํ(simplex)ͷϝοηʔδϯάͰ͋ ΔʯʮτϥϯεϙʔτґଘੑΛ࣋ͨͳ͍(transport-agnostic)ʯ ʮEnd-to-end҉߸Խ͞Ε͍ͯΔʯͱ͍͏ੑ࣭͕͋Δɻ ૹΓઌͷൃݟ(discovery)DID RelationshipͷߏஙʹΑͬͯߦΘΕ Δɻ
None
·ͱΊ • Eϝʔϧͷͱͯ͠ʮ҉߸Խ͕ेͰͳ͍ʯ͜ͱʹՃ͑ͯʮ· ͱͳidentity layer͕ͳ͍ʯͱ͍͏͕͋Δ • identity layerͷߏஙΛதԝूݖԽ͞ΕͨEϝʔϧϓϩόΠμʹ· ͔ͤͯ͠·͏ͱEϝʔϧͷࡏతͳself-sovereignੑΛࣦͬͯ͠ ·͏
• DIDVCٕज़ͰEϝʔϧͷidentity layerΛ࡞Δ͔ɺͦͦDIDʹ ΑΔidentity layerΛ࣋ͭϓϩτίϧͰ͋ΔDIDCommʹ͔ͬͬ ͯ͠·͏ͷ͕Α͍ͷͰʁ