[ietf-dkim] Purpose and sequence for
DKIM specificationand deployment
ietf-dkim at kitterman.com
Mon Aug 29 13:46:27 PDT 2005
Hallam-Baker, Phillip wrote:
>>You are describing a mechanism and explaining what it may accomplish
>>in the narrow terms of the mechanism. This unfortunately has
>>to do with claims made within the charter regarding header
>>Lead-in problem statement:
>>| Forgery of headers that indicate message origin is a problem for
>>| Internet mail.
> OK I think we are in agreement here. I think that the charter should be
> written in terms of
> 1) Providing a mechanism whereby an Internet domain name owner can claim
> responsibility for an email message
> 2) Provide a mechanism to allow notification of an Internet domain name
> owner's policy for claiming accountability
> 3) Provide an authentication platform on which TTP providers of
> accreditation and/or reputation information can build products that are
> tied to a domain name rather than an IP address.
> Forgery then falls out of the goals section of the charter, it is simply
> an attack that might be attempted.
In saying that, do you think that your #2 policy set includes describing
an authorized set of relationships between use of their domain in
certain header fields (e.g. From:) and the signing domain?
Also, does DKIM provide an authentication platform or an authorization
More information about the ietf-dkim