Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Email, Messaging, and SSI/DID (再放送)
Search
sylph01
November 19, 2020
Technology
0
1.4k
Email, Messaging, and SSI/DID (再放送)
@ #idcon vol.28
https://idcon.connpass.com/event/191305/
sylph01
November 19, 2020
Tweet
Share
More Decks by sylph01
See All by sylph01
"Actual" Security in Microcontroller Ruby!?
sylph01
0
66
Everyone Now Understands AuthZ/AuthN and Encryption Perfectly and I'm Gonna Lose My Job
sylph01
1
12
Updates on PicoRuby Networking, HPKE (and maybe more)
sylph01
1
200
Adding Security to Microcontroller Ruby
sylph01
2
3.2k
Secure Messaging at IETF 118
sylph01
0
73
Adventures in the Dungeons of OpenSSL
sylph01
0
480
Community & RubyKaigi Showcase @ Ehime.rb Reboot Meetup
sylph01
0
300
Build and Learn Rails Authentication
sylph01
8
2k
Email, Messaging, and Self-Sovereign Identity (2021/05/28 edition)
sylph01
0
280
Other Decks in Technology
See All in Technology
Amazon SageMaker Unified Studio(Preview)、Lakehouse と Amazon S3 Tables
ishikawa_satoru
0
150
開発生産性向上! 育成を「改善」と捉えるエンジニア育成戦略
shoota
1
230
Oracle Cloudの生成AIサービスって実際どこまで使えるの? エンジニア目線で試してみた
minorun365
PRO
4
270
.NET 9 のパフォーマンス改善
nenonaninu
0
530
[Ruby] Develop a Morse Code Learning Gem & Beep from Strings
oguressive
1
150
re:Invent をおうちで楽しんでみた ~CloudWatch のオブザーバビリティ機能がスゴい!/ Enjoyed AWS re:Invent from Home and CloudWatch Observability Feature is Amazing!
yuj1osm
0
120
GitHub Copilot のテクニック集/GitHub Copilot Techniques
rayuron
23
11k
複雑性の高いオブジェクト編集に向き合う: プラガブルなReactフォーム設計
righttouch
PRO
0
110
生成AIをより賢く エンジニアのための RAG入門 - Oracle AI Jam Session #20
kutsushitaneko
4
210
バクラクのドキュメント解析技術と実データにおける課題 / layerx-ccc-winter-2024
shimacos
2
1k
watsonx.ai Dojo #5 ファインチューニングとInstructLAB
oniak3ibm
PRO
0
160
ハイテク休憩
sat
PRO
2
120
Featured
See All Featured
Designing for humans not robots
tammielis
250
25k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
29
2k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
226
22k
Building an army of robots
kneath
302
44k
We Have a Design System, Now What?
morganepeng
51
7.3k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
0
94
Become a Pro
speakerdeck
PRO
26
5k
Build The Right Thing And Hit Your Dates
maggiecrowley
33
2.4k
Product Roadmaps are Hard
iamctodd
PRO
49
11k
The World Runs on Bad Software
bkeepers
PRO
65
11k
A Modern Web Designer's Workflow
chriscoyier
693
190k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
280
13k
Transcript
Email, Messaging, and SSI/DID Ryo Kajiwara / sylph01 @ #idcon,
2020/11/19, ຊޠ࠶์ૹ
ҙࣄ߲ • ͜ΕͲͪΒ͔ͱ͍͏ͱҙݟද໌ͷΑ͏ͳੑ࣭ͷൃදͰ͢ • Ұ࣌ظͷQiitaͰ͍͏ͱ͜ΖͷʮϙΤϜʯ • ٞͷͨΊͷΞΠσΞग़͠Λ͢Δੑ࣭ͷͷͰ͢ • ΑͬͯɺϓϩμΫτ։ൃՌͷσϞͰ͋Γ·ͤΜ •
·ͨɺٞલఏʹൈ͚݀༨༟Ͱଘࡏ͢ΔͣͰ͢
None
TL;DR
SMTPΛ ΊΖ
Ͳ͏ͬͯ ΊΔʁ
None
ϝοηʔδϯάʹٻΊΔੑ࣭ • End-to-End҉߸Խ • ࠷֤ۙࠃ͕ban͠Α͏ͱ͍ͯ͠Δͬͯʁ • ҉߸Խ͞Εͨάϧʔϓϝοηʔδϯά • σʔλͷ੍ޚ •
identityදݱͷ੍ޚ
Q: ͳΜͰLINE / Facebook Messenger / WhatsApp etc.͕͋Δͷ ʹϝʔϧͳΜ͔ͬͯ Δͷʁ
Q: ͳΜͰLINE / Facebook Messenger / WhatsApp etc.͕͋Δͷ ʹϝʔϧͳΜ͔ͬͯΔͷʁ •
SMTPेͳ҉߸ԽೝূΛ͍࣋ͬͯͳ͍ • Eϝʔϧ௨ৗEnd-to-End҉߸ԽΛ͍࣋ͬͯͳ͍ • PGPS/MIMEΛͬͨͱ͜ΖͰάϧʔϓʹର͢Δ҉߸Խί ϛϡχέʔγϣϯͰ͖ͳ͍ • Eϝʔϧʹspam͕͋Δ
Q: ͳΜͰLINE / Facebook Messenger / WhatsApp etc.͕͋Δͷ ʹϝʔϧͳΜ͔ͬͯΔͷʁ A:
ࣄલͷ৴པؔͷͳ͍ਓ͔Β ϝοηʔδΛड͚औΔ͜ͱ͕Ͱ͖Δ
Eϝʔϧʹspam͋Δ ͡ΌΜʂ
Eϝʔϧʹspam͕͋Δ ͷϓϩτίϧʹΈ ࠐ·Εͨಗ໊ੑ͕ݪҼ
Eϝʔϧͷಗ໊ੑ ʮࣄલͷ৴པؔͷͳ͍ਓ͔ΒϝοηʔδΛड͚औΕΔʯͱ͍͏ ੑ࣭ిʹ͋ͯ·Δ͕ɺEϝʔϧʹిʹ͋ΔΑ͏ͳ anti-abuse mechanismΛ͍࣋ͬͯͳ͍ɻ͜ΕEϝʔϧͷಗ໊ੑʹ ΑΔͷͰ͋Δɻ • ిΛabuseͨ͠߹ٯ୳͕Մೳ • Eϝʔϧʹ͓͍ͯidentityͷspoofing͕༰қͰɺั·͑Δ͜ͱ͕
ࠔ • ͱ͍͏͔Eϝʔϧʹ·ͱͳidentity layer͕ͳ͍
spammerEϝʔϧͷ ಗ໊ੑΛͬͯѱࣄΛ ಇ͘
ͦͦಗ໊ͷEϝʔϧɺཉ ͍͠ʁ ಗ໊ͷEϝʔϧߴ֬Ͱspamɻ ৽ͨʹ৴པؔ݁ͼ͍ͨ߹ಗ໊Ͱ͋Δ͜ͱʹ͍͍͜ͱͦΜͳ ʹͳ͍ɻ
͡Ό͋S/MIMEΛશҬత ʹ͍͍͑ͷͰʁ
S/MIMEͷ • ߴ͍ • ൃߦ͞Εͨ༻్ʹറΒΕΔ • ͋Δূ໌ॻಛఆͷorganizationʹ͓͚ΔॴଐΛূ໌ͯ͘͠Ε Δ͔͠Εͳ͍͕ • ΠϯλʔωοτͰৗʹͦͷಛఆͷࢠΛͣͬͱ͔Ϳ͍ͬͯͨ
͍͔ͱ͍͏ͱͦ͏Ͱͳ͍ • ෳͷূ໌ॻ͍͍͑͡ΌΜʁ1ߦʹΔ
ͬͱυϥεςΟοΫͳղ๏: ϚΠφϯόʔΧʔυͷ ূ໌ॻͰsign͞Εͨ ϝʔϧͳΒࣗಈతʹड ͚ೖΕΔ
୭ϚΠφϯόʔʹඥ ͍ͨΞΧϯτͰ spamͳΜ͔͠ͳ͍Ͱ ͠ΐʁ
·͋Θ͟Θ͟SSI/DIDͷ ฉ͖ʹདྷΔํͳΒ͜ ΕͷԿ͕ා͍͔Θ͔ Δͱࢥ͍·͕͢
None
Eϝʔϧͷself-sovereignੑ SMTP/POP/IMAPͱͱself-sovereignੑΛຬͨ͢ϓϩτίϧͰ ͋ͬͨɻࣗͰαʔόʔཱͯΔݶΓɻ • ࣗͰIDΛൃߦͰ͖Δ • ༻్ʹԠͯ͡IDΛ͍͚Δ͜ͱ͕Ͱ͖Δ • ࣗͷσʔλͷίϯτϩʔϧࣗͰ࣋ͭ͜ͱ͕Ͱ͖Δ
Eϝʔϧͷself-sovereignੑ ࠷ۙ୭ͦΜͳ͜ͱ͠ͳ͍ɻ • SMTP: దʹೝূ͢Δͷ͕͍͠ɻઃఆ1ݸͰؒҧ͑Δͱ spamͷ౿Έɻ • IMAP: ϚϧνσόΠεΞΫηεͳΒඞਢɻ͚ͩͲετϨʔδཧ ࠈʹؕΔ
݁Ռɺຊདྷself-sovereignͰ͋Δͣͷϓϩτίϧͳͷ͕ͩɺதԝ ूݖԽΛڐͯ͠͠·ͬͨ
Eϝʔϧͷself-sovereignੑ EϝʔϧͷதԝूݖԽspamͷΛΑΓѱԽ͍ͤͯ͞Δɻதԝ ूݖతEϝʔϧϓϩόΠμͷspamϑΟϧλͷಈ࡞ʹेͳಁ໌ੑ͕ ͳ͘ɺѱҙͷͳ͍ϝʔϧͰ͢ΒspamϑΟϧλʹҿ·ΕΔɻதԝू ݖతEϝʔϧϓϩόΠμΛར༻͍ͯ͠ͳ͍ϝʔϧspamϑΟϧλΛ ৴༻ͤ͞Δ͜ͱ͕͘͠ͳΓɺΑΓதԝूݖԽ͕ਐΉ ʢಁ໌ੑ͕͋ͬͨΒ͋ͬͨͰspamۀऀ͕ͦΕΛᷖճͯ͘͠ΔͷͰ Ϛζ͍ͱ͍͑ͦͷͱ͓Γ͕ͩ…ʣ
"Principles of User Sovereignty / Fundamental Problems of Distributed Systems"
@ IIW30 ʮࢄγεςϜͷ๊͑ΔࠜຊతͳΛղܾͰ͖ͳ͍ͱ͖ɺͦΕ اۀʹΑΔதԝूݖԽ(corporate capture)ΛࣗΒڐͯ͠͠·͏ʯ Eϝʔϧ·͞ʹ͜ͷ࠷ͨΔྫͰ͋ΔɻࢄγεςϜ๊͕͑Δຊ࣭ తͳʹରͯ͠ेͳղܾ͕ͳ͞Εͳ͔ͬͨͨΊɺاۀͦ͜ ʹϚωλΠζͷػձΛݟग़͠ɺதԝूݖԽͯ͠͠·ͬͨɻ
"Fundamental Problems of Distributed Systems" ྫ: • ϊʔυͷσΟεΧόϦʔ(Eϝʔϧͷ߹ૹ৴ઌͷ֬ఆʹඞཁ) • ϊʔυ͕ωοτϫʔΫʹࢀՃ͢Δࡍͷηογϣϯͷཱ֬
(introduction) • ϓϥΠόγʔ(ظతͳؔ࿈͚ͷࢠ) • τϥετ
Eϝʔϧ͕digital identityͷ֩ͱͳΔ ͜ͱͷා͍ ύεϫʔυΕͨͱ͖ͷϦηοτ͍͍ͩͨEϝʔϧΛ௨ͯ͠ߦΘ Ε·͢Ͷʁ →Eϝʔϧ͕ͬऔΒΕΔͱ͋ͳͨͷΠϯλʔωοτ্ͷidentity શͯͬऔΕ·͢ɻ secure messaging͕ସͰ͖Δ͔Ͳ͏͔͓͖ͯ͞ɺेʹηΩϡ ΞͰͳ͍ϓϩτίϧ/ΤίγεςϜΛdigital
identityͷ֩ͱ͢Δͷ ةݥͰ͋ΓɺସΛߟ͑Δඞཁ͕͋Δɻ
None
Ͳ͏ͨ͠ΒղܾͰ͖ Δʁ
༧ઢ: ͜Εͬͯཁ͢ΔʹBetter PGPͷͩΑͶʁ →ͬͯΔɻ
Verifiable CredentialΛ༻͍ͨEϝʔϧ ֤τϥϯβΫγϣϯʢ͜͜ͰEϝʔϧͷΓͱΓʹ૬͢Δʣ͝ ͱʹҟͳΔidentityͷදݱΛΓग़ͯ͠͏ʹͲ͏͢ΕΑ͍ ͔ʁˠಛఆͷidentityͷදݱʹରԠ͢Δverifiable credentialΛ͑ Α͍ spamϑΟϧλEϝʔϧʹؔ࿈͍ͮͨVCͷਖ਼ੑɾ৴པΛఆ ͢Δ
Verifiable CredentialΛ༻͍ͨEϝʔϧ Կ͕خ͍͠ʁ • ૹ৴ऀ: ʢϝʔϧ͕ਖ਼ͳ༻్Ͱ͋ΔݶΓʣspamϑΟϧλʹ ͻ͔͔ͬΔ͜ͱ͕ݮΔ • ͍ͭͰʹɺৗʹެࣜͳࢠ͔Ϳͬͯͳͯ͘Α͍ •
ड৴ऀ: spam͕ݮΔɺ·ͱͳϝʔϧ͕ड৴ശʹೖͬͯ͘Δ • ͪΌΜͱͨ͠ϓϩτίϧ֦ுΛ͢ΕݱࡏͷSMTPͷΤίγες ϜͱڞଘͰ͖Δ
Messaging Layer Security https://messaginglayersecurity.rocks/ ηΩϡΞͰinteroperableͳάϧʔϓϝοηʔδϯάͷͨΊͷϓϩτ ίϧΛఆٛ͠Α͏ͱ͍ͯ͠ΔIETFͷWGɻ End-to-End҉߸ԽΛ࣋ͭʢͦΕͦ͏ʣɺ҉߸Խάϧʔϓϝο ηʔδϯά͕Մೳ ಛఆͷϓϥοτϑΥʔϜʹ͓͚ΔID͕ඞཁ
DIDComm Aries RFC 0005: DID Communication Ͱઆ໌͞Ε͍ͯΔDID Agentಉ࢜ ͷίϛϡχέʔγϣϯϝΧχζϜɻ DIDCommͱ͍͏ϓϩτίϧ͕͋Δɺͱ͍͏ΑΓDIDCommͷ্ʹ
֤ΞϓϦέʔγϣϯ͝ͱͷϓϩτίϧΛ࣮͢Δɺͱ͍͏΄͏͕ ͯ·ΔɻExplainerͰ˓×ήʔϜ༻ͷϓϩτίϧΛDIDCommͷ ্Ͱ࣮͍ͯ͠Δɻ
DIDComm ओͳಛͱͯ͠ɺʮඇಉظɺ୯ํ(simplex)ͷϝοηʔδϯάͰ͋ ΔʯʮτϥϯεϙʔτґଘੑΛ࣋ͨͳ͍(transport-agnostic)ʯ ʮEnd-to-end҉߸Խ͞Ε͍ͯΔʯͱ͍͏ੑ࣭͕͋Δɻ ૹΓઌͷൃݟ(discovery)DID RelationshipͷߏஙʹΑͬͯߦΘΕ Δɻ
None
·ͱΊ • Eϝʔϧͷͱͯ͠ʮ҉߸Խ͕ेͰͳ͍ʯ͜ͱʹՃ͑ͯʮ· ͱͳidentity layer͕ͳ͍ʯͱ͍͏͕͋Δ • identity layerͷߏஙΛதԝूݖԽ͞ΕͨEϝʔϧϓϩόΠμʹ· ͔ͤͯ͠·͏ͱEϝʔϧͷࡏతͳself-sovereignੑΛࣦͬͯ͠ ·͏
• DIDVCٕज़ͰEϝʔϧͷidentity layerΛ࡞Δ͔ɺͦͦDIDʹ ΑΔidentity layerΛ࣋ͭϓϩτίϧͰ͋ΔDIDCommʹ͔ͬͬ ͯ͠·͏ͷ͕Α͍ͷͰʁ