Click the comments link on any story to see comments or add your own.
Subscribe to this blog
19 Jul 2006
The DKIM working group in the IETF has been making good progress. We now have a draft of an overview document as well as an updated and, with any luck, final version of the threats document. The main spec for DKIM signatures seems to be close enough to done for a "last call" for complaints and comments.
We were worried about delays due to IETF politics, in particular the the DNS experts would object to DKIM reusing a DNS TXT record rather than adding a new record type. They say they're not thrilled about yet another use of TXT, but they can live with the way we're using it.
So it looks surprisingly likely that by the end of the summer there will be a DKIM shpec that will be stable enough for people to implement, and that's not likely to change significantly before it's approved as an RFC and a proposed standard.
We haven't yet started working on the sender signing policy (SSP) stuff that promises to be a can of worms. There was surprising consensus on the DKIM mailing list that the only policies that we all understand are "this domains sign everything" and "this domain sends no mail", but it's hard to say whether people who think that SSP will be useful (as I do not) will be satisfied with a minimal SSP that only handles those two assertions. Fortunately, the work on SSP has been separated enough from the definition of the signatures that SSP won't affect the signature spec, so we should be able to go ahead with signing even as the details of SSP are thrashed out.
My other sites
© 2005-2020 John R. Levine.
CAN SPAM address harvesting notice: the operator of this website will not give, sell, or otherwise transfer addresses maintained by this website to any other party for the purposes of initiating, or enabling others to initiate, electronic mail messages.