On Aug 24, 2005, at 3:43 PM, Dave Crocker wrote:
It is not the SSP statement that is the problem, but confusion about
forgery protections. The MTA does not need to attempt to provide the
complete solution, but rather provide a solid foundation.

I have not noticed anyone suggesting that the charter be changed.

Being unable to verify the domain providing initial access for
messages being offered is a problem affecting those accepting
Internet mail. The verification establishes a domain accountable for
subsequent messages with expectations of this domain being able to
abate ongoing abuses. A verified domain signature within the message
also affords opportunistic identification techniques of the sending
entities by mail user agents as a means to thwart the targeted
spoofing of prior correspondents.

The DKIM working group will produce standards-track specifications
that will permit the authentication of the domain providing initial
access for entities sending messages. The authentication process
will utilize a dedicated header containing public-key signatures and
verified with public keys stored in the accountable domain's DNS
hierarchy.

The specification will be based on the draft-allman-dkim-*.txt
Internet-Drafts. The working group will also attempt to make upwardly
compatible changes with that of the initial
draft-delany-domainkeys-base-02.txt Internet draft as deemed useful
to improve the viability of services based on these specifications.

The specifications will contain summaries of the threats,
requirements and limitations that are associated with the specified
mechanism. The DKIM working group will also address mechanisms for
advertising "signing policy" so that a recipient can determine
whether a valid message signature should be present.

The working group will NOT consider related topics, such as
reputation and accreditation systems, and message encryption. It
will also NOT consider signatures which are intended to make
long-term assertions (beyond the expected transit time of a message)
nor signatures which attempt to make strong assertions of the
identity of the message author.

The working group may also study whether to adopt a work item for
specifying a common mechanism to communicate the results of message
verification to the message recipient.

-Doug
_______________________________________________
ietf-dkim mailing list
http://dkim.org