Click the comments link on any story to see comments or add your own.
Subscribe to this blog
06 Jan 2006
The IETF finally chartered a working group to create a DKIM standard earlier this week. See this notice which includes the text of the charter and the rather aggressive schedule:
02/06 WG last call on DKIM threats and security requirements
I hope we can meet the milestones, but there's some actual technical work to be done on the signature specification which may take a while.
The threats and security requirements don't directly affect the spec other than perhaps providing a checklist to see whether the spec does the things it's supposed to. The policy specfication, basically a record that lets a domain announce that all its mail is signed so accept no substitutes, is done except that there are a few loud voices that think it's bad and want to get rid of it. (I have my doubts whether it's useful, but the only way to find out is to try it.) The DNS resource record is also done, perhaps give or take a few tweaks for people who want to load it up with more options.
It'll be an interesting year.
comments... (Jump to the end to add your own comment)
Add your comment...
Note: all comments require an email address to send a confirmation to verify that it was posted by a person and not a spambot. The comment won't be visible until you click the link in the confirmation. Unless you check the box below, which almost nobody does, your email won't be displayed, and I won't use it for other purposes.
My other sites
© 2005-2018 John R. Levine.
CAN SPAM address harvesting notice: the operator of this website will not give, sell, or otherwise transfer addresses maintained by this website to any other party for the purposes of initiating, or enabling others to initiate, electronic mail messages.