E-mail authentication proposal DKIM being discussed at IETF

Enterprise Networks & Servers, Aug 2005

With their shared commitment to bringing new, interoperable solutions that combat e-mail forgery and protect the value of the Internet for customers, Cisco, PGP Corp., Sendnaail and Yahoo! are submitting the e-mail authentication specification DomainKeys Identified Mail (DKIM) to the Internet Engineering Task Force (IETF) for consideration as a new e-mail industry standard and to help enable industry-wide adoption of the technology.

Discussions began on standardization of this unified e-mail authentication proposal at the 63rd IETF meeting in Paris July 31.

DKIM is a signature-based e-mail authentication proposal that is based on Yahoo!'s DomainKeys e-mail authentication technology and Cisco's Identified Internet Mail. It provides e-mail users with an additional level of protection against e-mail forgery, a tactic often used in phishing attacks. DKIM was developed so that businesses and consumers will have a stronger, more accurate means for identifying legitimate e-mail messages. DKIM provides transactional institutions added brand protection by giving consumers increased assurance of the legitimacy of the e-mails they receive.

DKIM is the result of the ongoing commitment from numerous industry players to develop an open-standard e-mail authentication specification, and industry collaboration has played a critical role in the process. Industry leaders who played a valuable role in furthering the development of the DKIM specification include: AIt-N Technologies, AOL, Brandenburg Internetworking, Cisco, Earth-Link, IBM, Microsoft, PGP Corp., Send-mail, StrongMail Systems, Tumbleweed, VeriSign and Yahoo!. The participation of these companies has been instrumental in creating this single, signature-based e-mail authentication proposal. The authoring companies will continue to work with these organizations and the IETF on the standardization of the DKIM specification so that industry-wide agreement on the best method for validating the identification of email senders can be reached.

As a demonstration, of the maturity of the DKlM specification, three independent implementations from AIt-N Technologies, Cisco Systems and Sendmail have been shown to interoperate successfully. These tests have provided a means for testing the DKIM specification and will form the basis for further testing as new implementations of DKlM are developed by vendors and service providers.

To find the proposal, see http://search. ietf.org/ and enter the key word DKIM.