Re: [ietf-smtp] DKIM encryption, was Request for discussion
2013-10-18 15:18:10
On 10/17/2013 09:08 PM, John Levine wrote:
> I'm in for spec writing and doing implementation experiments.
> I'll write something up for the DKIM thing.

DKIM is the abbreviation of DomainKeys _Identified_ Mail. I agree with
others that the term 'DKIM' cannot be used for this new protocol; the
authors of DKIM have always tried to limit the scope of DKIM in many
discussions on ietf-dkim, with the result of DKIM being defined as:

    DomainKeys Identified Mail (DKIM) permits a person, role, or
    organization that owns the signing domain to claim some
    responsibility for a message by associating the domain with the
    message.

If, nonetheless, the consensus would be to use DKIM for this new
protocol in order to be able to benefit from the fact that DKIM is
well-known and has a large installed base, then in my view 'DKIM' would
need to be redefined, for example to refer to 'DomainKeys Internet
Mail'. In which case there's an awful lot of work to do to either
explain the two incarnations of DKIM, or to come up with one combined
standard describing both types of usage of DKIM (similar to S/MIME which
covers both signing and encryption).

> If anyone actually
> understands PGP or S/MIME (you can stop laughing now) help would be
> appreciated, since I want to borrow as much as possible from one of
> them to avoid inventing my own probably broken crypto scheme.

As for the part that describes storage of the keys in DNS, I'd suggest
taking a look at DANE [1]. Looking at DANE and a number of new related
drafts [2], [3], [4], together with this new draft John will write, and
given the fact that in the future there probably will be more protocols
with a need to store keys in DNS, it seems to me that there is a need to
unify all of these DNS key storage schemes.

/rolf

[1] http://tools.ietf.org/html/rfc6698
[2] http://tools.ietf.org/html/draft-wouters-dane-openpgp-00
[3] http://tools.ietf.org/html/draft-ietf-dane-smime-02
[4] http://tools.ietf.org/html/draft-wouters-dane-otrfp-00