Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Email, Messaging, and SSI/DID (再放送)

sylph01
November 19, 2020

Email, Messaging, and SSI/DID (再放送)

sylph01

November 19, 2020
Tweet

More Decks by sylph01

Other Decks in Technology

Transcript

  1. Email, Messaging, and
    SSI/DID
    Ryo Kajiwara / sylph01
    @ #idcon, 2020/11/19, ೔ຊޠ࠶์ૹ

    View Slide

  2. ஫ҙࣄ߲
    • ͜Ε͸ͲͪΒ͔ͱ͍͏ͱҙݟද໌ͷΑ͏ͳੑ࣭ͷൃදͰ͢
    • Ұ࣌ظͷQiitaͰ͍͏ͱ͜ΖͷʮϙΤϜʯ
    • ٞ࿦ͷͨΊͷΞΠσΞग़͠Λ͢Δੑ࣭ͷ΋ͷͰ͢
    • ΑͬͯɺϓϩμΫτ΍։ൃ੒ՌͷσϞͰ͸͋Γ·ͤΜ
    • ·ͨɺٞ࿦΍લఏʹൈ͚΍݀͸༨༟Ͱଘࡏ͢Δ͸ͣͰ͢

    View Slide

  3. View Slide

  4. TL;DR

    View Slide

  5. SMTPΛ
    ΍ΊΖ

    View Slide

  6. Ͳ͏΍ͬͯ
    ΍ΊΔʁ

    View Slide

  7. View Slide

  8. ϝοηʔδϯάʹٻΊΔੑ࣭
    • End-to-End҉߸Խ
    • ࠷֤ۙࠃ͕ban͠Α͏ͱ͍ͯ͠Δͬͯʁ
    • ҉߸Խ͞Εͨάϧʔϓϝοηʔδϯά
    • σʔλͷ੍ޚ
    • identityදݱͷ੍ޚ

    View Slide

  9. Q: ͳΜͰLINE /
    Facebook Messenger /
    WhatsApp etc.͕͋Δͷ
    ʹϝʔϧͳΜ͔࢖ͬͯ
    Δͷʁ

    View Slide

  10. Q: ͳΜͰLINE / Facebook
    Messenger / WhatsApp etc.͕͋Δͷ
    ʹϝʔϧͳΜ͔࢖ͬͯΔͷʁ
    • SMTP͸े෼ͳ҉߸Խ΍ೝূΛ͍࣋ͬͯͳ͍
    • Eϝʔϧ͸௨ৗEnd-to-End҉߸ԽΛ͍࣋ͬͯͳ͍
    • PGP΍S/MIMEΛ࢖ͬͨͱ͜ΖͰάϧʔϓʹର͢Δ҉߸Խί
    ϛϡχέʔγϣϯ͸Ͱ͖ͳ͍
    • Eϝʔϧʹ͸spam͕͋Δ

    View Slide

  11. Q: ͳΜͰLINE / Facebook
    Messenger / WhatsApp etc.͕͋Δͷ
    ʹϝʔϧͳΜ͔࢖ͬͯΔͷʁ
    A: ࣄલͷ৴པؔ܎ͷͳ͍ਓ͔Β΋
    ϝοηʔδΛड͚औΔ͜ͱ͕Ͱ͖Δ

    View Slide

  12. Eϝʔϧʹ͸spam͋Δ
    ͡ΌΜʂ

    View Slide

  13. Eϝʔϧʹspam͕͋Δ
    ͷ͸ϓϩτίϧʹ૊Έ
    ࠐ·Εͨಗ໊ੑ͕ݪҼ

    View Slide

  14. Eϝʔϧͷಗ໊ੑ
    ʮࣄલͷ৴པؔ܎ͷͳ͍ਓ͔ΒϝοηʔδΛड͚औΕΔʯͱ͍͏
    ੑ࣭͸ి࿩ʹ΋͋ͯ͸·Δ͕ɺEϝʔϧʹ͸ి࿩໢ʹ͋ΔΑ͏ͳ
    anti-abuse mechanismΛ͍࣋ͬͯͳ͍ɻ͜Ε͸Eϝʔϧͷಗ໊ੑʹ
    ΑΔ΋ͷͰ͋Δɻ
    • ి࿩໢Λabuseͨ͠৔߹ٯ୳஌͕Մೳ
    • Eϝʔϧʹ͓͍ͯ͸identityͷspoofing͕༰қͰɺั·͑Δ͜ͱ͕
    ࠔ೉
    • ͱ͍͏͔Eϝʔϧʹ͸·ͱ΋ͳidentity layer͕ͳ͍

    View Slide

  15. spammer͸Eϝʔϧͷ
    ಗ໊ੑΛ࢖ͬͯѱࣄΛ
    ಇ͘

    View Slide

  16. ͦ΋ͦ΋ಗ໊ͷEϝʔϧɺཉ
    ͍͠ʁ
    ಗ໊ͷEϝʔϧ͸ߴ֬཰Ͱspamɻ
    ৽ͨʹ৴པؔ܎݁ͼ͍ͨ৔߹ಗ໊Ͱ͋Δ͜ͱʹ͍͍͜ͱ͸ͦΜͳ
    ʹͳ͍ɻ

    View Slide

  17. ͡Ό͋S/MIMEΛશҬత
    ʹ࢖͑͹͍͍ͷͰ͸ʁ

    View Slide

  18. S/MIMEͷ໰୊
    • ߴ͍
    • ൃߦ͞Εͨ༻్ʹറΒΕΔ
    • ͋Δূ໌ॻ͸ಛఆͷorganizationʹ͓͚ΔॴଐΛূ໌ͯ͘͠Ε
    Δ͔΋͠Εͳ͍͕
    • ΠϯλʔωοτͰৗʹͦͷಛఆͷ๧ࢠΛͣͬͱ͔Ϳ͍ͬͯͨ
    ͍͔ͱ͍͏ͱͦ͏Ͱ͸ͳ͍
    • ෳ਺ͷূ໌ॻ࢖͑͹͍͍͡ΌΜʁ1ߦ໨ʹ໭Δ

    View Slide

  19. ΋ͬͱυϥεςΟοΫͳղ๏:
    ϚΠφϯόʔΧʔυͷ
    ূ໌ॻͰsign͞Εͨ
    ϝʔϧͳΒࣗಈతʹड
    ͚ೖΕΔ

    View Slide

  20. ୭΋ϚΠφϯόʔʹඥ
    ෇͍ͨΞΧ΢ϯτͰ
    spamͳΜ͔͠ͳ͍Ͱ
    ͠ΐʁ

    View Slide

  21. ·͋Θ͟Θ͟SSI/DIDͷ
    ࿩ฉ͖ʹདྷΔํͳΒ͜
    ΕͷԿ͕ා͍͔͸Θ͔
    Δͱࢥ͍·͕͢

    View Slide

  22. View Slide

  23. Eϝʔϧͷself-sovereignੑ
    SMTP/POP/IMAP͸΋ͱ΋ͱself-sovereignੑΛຬͨ͢ϓϩτίϧͰ
    ͋ͬͨɻࣗ෼ͰαʔόʔཱͯΔݶΓ͸ɻ
    • ࣗ෼ͰIDΛൃߦͰ͖Δ
    • ༻్ʹԠͯ͡IDΛ࢖͍෼͚Δ͜ͱ͕Ͱ͖Δ
    • ࣗ෼ͷσʔλͷίϯτϩʔϧ͸ࣗ෼Ͱ࣋ͭ͜ͱ͕Ͱ͖Δ

    View Slide

  24. Eϝʔϧͷself-sovereignੑ
    ࠷ۙ͸୭΋ͦΜͳ͜ͱ͠ͳ͍ɻ
    • SMTP: ద੾ʹೝূ͢Δͷ͕೉͍͠ɻઃఆ1ݸͰ΋ؒҧ͑Δͱ
    spamͷ౿Έ୆ɻ
    • IMAP: ϚϧνσόΠεΞΫηεͳΒඞਢɻ͚ͩͲετϨʔδ؅ཧ
    ஍ࠈʹؕΔ
    ݁Ռɺຊདྷself-sovereignͰ͋Δ͸ͣͷϓϩτίϧͳͷ͕ͩɺதԝ
    ूݖԽΛڐͯ͠͠·ͬͨ

    View Slide

  25. Eϝʔϧͷself-sovereignੑ
    EϝʔϧͷதԝूݖԽ͸spamͷ໰୊ΛΑΓѱԽ͍ͤͯ͞Δɻதԝ
    ूݖతEϝʔϧϓϩόΠμͷspamϑΟϧλͷಈ࡞ʹे෼ͳಁ໌ੑ͕
    ͳ͘ɺѱҙͷͳ͍ϝʔϧͰ͢ΒspamϑΟϧλʹҿ·ΕΔɻதԝू
    ݖతEϝʔϧϓϩόΠμΛར༻͍ͯ͠ͳ͍ϝʔϧ͸spamϑΟϧλΛ
    ৴༻ͤ͞Δ͜ͱ͕೉͘͠ͳΓɺΑΓதԝूݖԽ͕ਐΉ
    ʢಁ໌ੑ͕͋ͬͨΒ͋ͬͨͰspamۀऀ͕ͦΕΛᷖճͯ͘͠ΔͷͰ
    Ϛζ͍ͱ͍͑͹ͦͷͱ͓Γ͕ͩ…ʣ

    View Slide

  26. "Principles of User Sovereignty /
    Fundamental Problems of Distributed
    Systems" @ IIW30
    ʮ෼ࢄγεςϜͷ๊͑Δࠜຊతͳ໰୊ΛղܾͰ͖ͳ͍ͱ͖ɺͦΕ
    ͸اۀʹΑΔதԝूݖԽ(corporate capture)ΛࣗΒڐͯ͠͠·͏ʯ
    Eϝʔϧ͸·͞ʹ͜ͷ࠷ͨΔྫͰ͋Δɻ෼ࢄγεςϜ๊͕͑Δຊ࣭
    తͳ໰୊ʹରͯ͠े෼ͳղܾ͕ͳ͞Εͳ͔ͬͨͨΊɺاۀ͸ͦ͜
    ʹϚωλΠζͷػձΛݟग़͠ɺதԝूݖԽͯ͠͠·ͬͨɻ

    View Slide

  27. "Fundamental Problems of
    Distributed Systems"
    ྫ:
    • ϊʔυͷσΟεΧόϦʔ(Eϝʔϧͷ৔߹ૹ৴ઌͷ֬ఆʹඞཁ)
    • ϊʔυ͕ωοτϫʔΫʹࢀՃ͢Δࡍͷηογϣϯͷཱ֬
    (introduction)
    • ϓϥΠόγʔ(௕ظతͳؔ࿈෇͚ͷ๧ࢠ)
    • τϥετ

    View Slide

  28. Eϝʔϧ͕digital identityͷ֩ͱͳΔ
    ͜ͱͷා͍఺
    ύεϫʔυ๨Εͨͱ͖ͷϦηοτ͸͍͍ͩͨEϝʔϧΛ௨ͯ͠ߦΘ
    Ε·͢Ͷʁ
    →Eϝʔϧ͕৐ͬऔΒΕΔͱ͋ͳͨͷΠϯλʔωοτ্ͷidentity
    ͸શͯ৐ͬऔΕ·͢ɻ
    secure messaging͕୅ସͰ͖Δ͔Ͳ͏͔͸͓͖ͯ͞ɺे෼ʹηΩϡ
    ΞͰͳ͍ϓϩτίϧ/ΤίγεςϜΛdigital identityͷ֩ͱ͢Δͷ͸
    ةݥͰ͋Γɺ୅ସΛߟ͑Δඞཁ͕͋Δɻ

    View Slide

  29. View Slide

  30. Ͳ͏ͨ͠ΒղܾͰ͖
    Δʁ

    View Slide

  31. ༧๷ઢ:
    ͜Εͬͯཁ͢ΔʹBetter
    PGPͷ࿩ͩΑͶʁ
    →஌ͬͯΔɻ

    View Slide

  32. Verifiable CredentialΛ༻͍ͨEϝʔϧ
    ֤τϥϯβΫγϣϯʢ͜͜Ͱ͸Eϝʔϧͷ΍ΓͱΓʹ૬౰͢Δʣ͝
    ͱʹҟͳΔidentityͷදݱΛ੾Γग़ͯ͠࢖͏ʹ͸Ͳ͏͢Ε͹Α͍
    ͔ʁˠಛఆͷidentityͷදݱʹରԠ͢Δverifiable credentialΛ࢖͑͹
    Α͍
    spamϑΟϧλ͸Eϝʔϧʹؔ࿈͍ͮͨVCͷਖ਼౰ੑɾ৴པ౓Λ൑ఆ
    ͢Δ

    View Slide

  33. Verifiable CredentialΛ༻͍ͨEϝʔϧ
    Կ͕خ͍͠ʁ
    • ૹ৴ऀ: ʢϝʔϧ͕ਖ਼౰ͳ༻్Ͱ͋ΔݶΓʣspamϑΟϧλʹ
    ͻ͔͔ͬΔ͜ͱ͕ݮΔ
    • ͍ͭͰʹɺৗʹެࣜͳ๧ࢠ͔Ϳͬͯͳͯ͘΋Α͍
    • ड৴ऀ: spam͕ݮΔɺ·ͱ΋ͳϝʔϧ͕ड৴ശʹೖͬͯ͘Δ
    • ͪΌΜͱͨ͠ϓϩτίϧ֦ுΛ͢Ε͹ݱࡏͷSMTPͷΤίγες
    ϜͱڞଘͰ͖Δ

    View Slide

  34. Messaging Layer Security
    https://messaginglayersecurity.rocks/
    ηΩϡΞͰinteroperableͳάϧʔϓϝοηʔδϯάͷͨΊͷϓϩτ
    ίϧΛఆٛ͠Α͏ͱ͍ͯ͠ΔIETFͷWGɻ
    End-to-End҉߸ԽΛ࣋ͭʢͦΕ͸ͦ͏ʣɺ҉߸Խάϧʔϓϝο
    ηʔδϯά͕Մೳ
    ಛఆͷϓϥοτϑΥʔϜʹ͓͚ΔID͕ඞཁ

    View Slide

  35. DIDComm
    Aries RFC 0005: DID Communication Ͱઆ໌͞Ε͍ͯΔDID Agentಉ࢜
    ͷίϛϡχέʔγϣϯϝΧχζϜɻ
    DIDCommͱ͍͏ϓϩτίϧ͕͋Δɺͱ͍͏ΑΓ΋DIDCommͷ্ʹ
    ֤ΞϓϦέʔγϣϯ͝ͱͷϓϩτίϧΛ࣮૷͢Δɺͱ͍͏΄͏͕
    ౰ͯ͸·ΔɻExplainerͰ͸˓×ήʔϜ༻ͷϓϩτίϧΛDIDCommͷ
    ্Ͱ࣮૷͍ͯ͠Δɻ

    View Slide

  36. DIDComm
    ओͳಛ௃ͱͯ͠ɺʮඇಉظɺ୯ํ޲(simplex)ͷϝοηʔδϯάͰ͋
    ΔʯʮτϥϯεϙʔτґଘੑΛ࣋ͨͳ͍(transport-agnostic)ʯ
    ʮEnd-to-end҉߸Խ͞Ε͍ͯΔʯͱ͍͏ੑ࣭͕͋Δɻ
    ૹΓઌͷൃݟ(discovery)͸DID RelationshipͷߏஙʹΑͬͯߦΘΕ
    Δɻ

    View Slide

  37. View Slide

  38. ·ͱΊ
    • Eϝʔϧͷ໰୊ͱͯ͠ʮ҉߸Խ͕े෼Ͱͳ͍ʯ͜ͱʹՃ͑ͯʮ·
    ͱ΋ͳidentity layer͕ͳ͍ʯͱ͍͏໰୊͕͋Δ
    • identity layerͷߏஙΛதԝूݖԽ͞ΕͨEϝʔϧϓϩόΠμʹ·
    ͔ͤͯ͠·͏ͱEϝʔϧͷ಺ࡏతͳself-sovereignੑΛࣦͬͯ͠
    ·͏
    • DID΍VCٕज़ͰEϝʔϧͷidentity layerΛ࡞Δ͔ɺͦ΋ͦ΋DIDʹ
    ΑΔidentity layerΛ࣋ͭϓϩτίϧͰ͋ΔDIDCommʹ৐͔ͬͬ
    ͯ͠·͏ͷ͕Α͍ͷͰ͸ʁ

    View Slide