[ietf-dkim] Can vendor's really say they have DKIM support yet?
Dave Crocker
dhc at dcrocker.net
Wed Feb 1 13:07:15 PST 2006
Folks,
> Without a policy statement DKIM asserts that the sending MTA sent this
> particular signed message.
Hence DKIM provides a stable, validated identifier that declares its
"responsibility" for the message.
Having such a validated identifier permits various reputation and accountability
work, even without the benefits of signer-related policy publication.
> Implementing an Internet-Draft is not implementing a standard.
> For the latter, the RFC has to exist.
>
> If you choose to write code based on an Internet-Draft you are
> taking a risk that the specification changes before it becomes
> a standard.
The core DKIM spec was reasonably stable prior to submission to the IETF. How
much change the IETF chooses to impose, and how much of that change will make
prior implementations incompatible, is yet to be determined.
Such a determination is typically a matter of working group consensus. Those
caring about retaining compatibility will voice that desire strongly and
repeatedly, whenever compatibility is threatened..
That said, there already are implementations, as noted on the DKIM web page. To
my knowledge, they are using the same version of the specification. The test of
interoperability is interoperability, not the publication status of the
specification that is used.
d/
--
Dave Crocker
Brandenburg InternetWorking
<http://bbiw.net>
More information about the ietf-dkim
mailing list