DomainKeys Identified Mail (DKIM) lets an organization take
responsibility for a message that is in transit. The
organization is a handler of the message, either as
its originator or as an intermediary. Their reputation
is the basis for evaluating whether to trust the message
for further handling, such as delivery. Technically
DKIM provides a method for validating a domain name
identity that is associated with a message through cryptographic
authentication. The identity is independent of other email identities, such as the author's From: field.
Links:
|
DKIM attaches a new domain name identifier to a message and
uses cryptographic techniques to validate authorization
for its presence. The identifier is independent of any
other identifier in the message, such in the author's
From: field.
The first version of DKIM synthesized and enhanced Yahoo!'s
DomanKeys and Cisco's Identified Internet Mail specifications.
It was the result of a year-long collaboration among numerous
industry players, during 2005, to develop an open-standard
e-mail authentication specification. Participants included
Alt-N Technologies, AOL, Brandenburg InternetWorking, Cisco,
EarthLink, IBM, Microsoft, PGP Corporation, Sendmail, StrongMail
Systems, Tumbleweed, VeriSign and Yahoo!. The team produced
the initial specification and several implementations. It
then submitted the work to the IETF for further enhancement
and formal standardization.
The result is a set of IETF
specifications and supporting documentation.
- DKIM 3-slide Teaser, D.
Crocker
» pdf, ppt
- Frequently Asked Questions
» FAQ
|
- DKIM, Roman Valls Guimerà, esCERT —
Introduction, examples and analysis, countering
the myth that DKIM is expensive
» pdf, odp
|
|
The current specifications are recommended for immediate use:
- DKIM Service
Overview, RFC 5585
» html, pdf, txt
- DKIM
Signatures
» RFC 6376
- DomainKeys
Identified Mail (DKIM) Development, Deployment and Operations,
RFC 5863
» html, txt
- DKIM Author
Domain Signing Practices (ADSP)
» RFC
5617
|