MASS/DKIM BOF Summary - 4 Aug 05
Co-Chairs: Jim Fenton, Cisco
Dave Crocker, Brandenburg
DKIM uses an independent domain name identity for establishing a digital
signature to an email message body and selected headers. The BOF continued
discussions from the MASS mailing list (ietf-mailsig) reviewing the DKIM
specifications, a draft working group charter, and a list of open questions
about the charter. Miles Libbey, of Yahoo!, said that a Yahoo! IPR statement
would be filed by 9 September.
A full-and-frank BOF discussion quickly moved to concerns about the lack of a
sufficient threat analysis and, generally, confusion over the actual utility of
DKIM. This did not necessarily represent a broad belief that it was not useful,
but a common concern was that DKIM not oversell its potential benefit. DKIM
was developed out of anti-spam and anti-spoofing, but its direct utility in
solving these problems is, at best, unclear. The sense of the room was to
establish a DKIM- specific mailing list; it will be announced through the
mailsig list.
ACTION: The homework assignment for attendees is to bring assignments are to
formulate concise suggestions for threat statements and benefits statements.
ACTION: The DKIM "community" must produce a satisfactory threat analysis
before a working group can be chartered.
d/