Click the comments link on any story to see comments or add your own.
Subscribe to this blog
06 Jan 2006
The IETF finally chartered a working group to create a DKIM standard earlier this week. See this notice which includes the text of the charter and the rather aggressive schedule:
02/06 WG last call on DKIM threats and security requirements
I hope we can meet the milestones, but there's some actual technical work to be done on the signature specification which may take a while.
The threats and security requirements don't directly affect the spec other than perhaps providing a checklist to see whether the spec does the things it's supposed to. The policy specfication, basically a record that lets a domain announce that all its mail is signed so accept no substitutes, is done except that there are a few loud voices that think it's bad and want to get rid of it. (I have my doubts whether it's useful, but the only way to find out is to try it.) The DNS resource record is also done, perhaps give or take a few tweaks for people who want to load it up with more options.
It'll be an interesting year.
My other sites
© 2005-2013 John R. Levine.
CAN SPAM address harvesting notice: the operator of this website will not give, sell, or otherwise transfer addresses maintained by this website to any other party for the purposes of initiating, or enabling others to initiate, electronic mail messages.