Establishing a domain name that is accountable for a message being
offered is a problem for users of Internet mail when deciding whether
to accept the message. DKIM establishes a name that may act as a
basis for trusting the content of the message and selected headers.
The DKIM working group will produce standards-track specifications
that permit authentication of a domain name associated with the
message using public-key signatures and based upon domain name
identifiers. This specification will also verify that selected
headers and message content has not changed subsequent to the domain
name association by way of the signature.
Keys will be stored in the responsible identity's DNS hierarchy. The
specification will be based on the draft-allman-dkim-*.txt Internet-
Drafts. The specifications will initially contain summaries of the
threats. This will be followed by requirements and limitations that
are associated with the specified mechanism. An overview of DKIM may
also be developed subsequent to the core drafts. The DKIM working
group may also address mechanisms for advertising "signing policy" so
that a recipient can determine whether a valid message signature
should be present.
The working group will NOT consider related topics, such as
reputation and accreditation systems, and message encryption. It
will also NOT consider signatures which are intended to make long-
term assertions (beyond the expected transit time of a message) nor
signatures which attempt to make strong assertions of the identity of
the message author.
The working group may also study whether to adopt a work item for
specifying a common mechanism to communicate the results of message
verification to the message recipient.
---
Sorry, but I did not catch-up with the list before posting the message.
There being some confusion regarding what is meant when excluding a
reputation system. Being able to protect the domain name owner's
reputation remains a primary concern. I attempted to reflect that
concern by indicating this name may be used when deciding to accept
the message. I agree that this WG should not become involved in
designing reputation services, but there should be some understanding
that protecting reputation remains a critical element for DKIM.
-Doug
_______________________________________________
ietf-dkim mailing list
http://dkim.org