ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ietf-dkim] Proposed Charter, revised.

2005-10-11 17:40:05
from [Douglas Otis] [Permanent Link]
Establishing a domain name that is accountable for a message being offered is a problem for users of Internet mail when deciding whether to accept the message. DKIM establishes a name that may act as a basis for trusting the content of the message and selected headers. The DKIM working group will produce standards-track specifications that permit authentication of a domain name associated with the message using public-key signatures and based upon domain name identifiers. This specification will also verify that selected headers and message content has not changed subsequent to the domain name association by way of the signature.
Keys will be stored in the responsible identity's DNS hierarchy. The specification will be based on the draft-allman-dkim-*.txt Internet- Drafts. The specifications will initially contain summaries of the threats. This will be followed by requirements and limitations that are associated with the specified mechanism. An overview of DKIM may also be developed subsequent to the core drafts. The DKIM working group may also address mechanisms for advertising "signing policy" so that a recipient can determine whether a valid message signature should be present.
The working group will NOT consider related topics, such as reputation and accreditation systems, and message encryption. It will also NOT consider signatures which are intended to make long- term assertions (beyond the expected transit time of a message) nor signatures which attempt to make strong assertions of the identity of the message author.
The working group may also study whether to adopt a work item for specifying a common mechanism to communicate the results of message verification to the message recipient. 

---

Sorry, but I did not catch-up with the list before posting the message.
There being some confusion regarding what is meant when excluding a reputation system. Being able to protect the domain name owner's reputation remains a primary concern. I attempted to reflect that concern by indicating this name may be used when deciding to accept the message. I agree that this WG should not become involved in designing reputation services, but there should be some understanding that protecting reputation remains a critical element for DKIM. 

-Doug


_______________________________________________
ietf-dkim mailing list
http://dkim.org
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [ietf-dkim] Proposed Charter, revised., Douglas Otis <=
Previous by Date:  RE: [ietf-dkim] Charter bashing..., Hallam-Baker, Phillip
Next by Date:  Re: [ietf-dkim] Charter bashing..., Arvel Hathcock
Previous by Thread:  [ietf-dkim] Proposed Charter, drop header authentication assertion., Douglas Otis
Next by Thread:  [ietf-dkim] Structure of the threat analysis..., Stephen Farrell
Indexes:  [Date] [Thread] [Top] [All Lists]