"DomainKeys Identified Mail (DKIM) Service Overview", Tony Hansen, Dave Crocker, Phillip Hallam-Baker, 25-Feb-08. ( bytes)

This document provides an overview of the DomainKeys Identified Mail (DKIM) service and describes how it can fit into a messaging service. It also describes how DKIM relates to other IETF message signature technologies. It is intended for those who are adopting, developing, or deploying DKIM. DKIM allows an organization to take responsibility for transmitting a message, in a way that can be validated by a recipient. The organization can be the author's, the originating sending site, an intermediary, or one of their agents. An organization may use one or more domain names to accomplish this. DKIM defines a domain-level digital signature authentication framework for email, using public-key cryptography and key server technology [RFC4871]. This permits verification of a message source, an intermediary, or one of their agents, as well as the integrity of its contents. DKIM will also provide a mechanism that permits potential email signers to publish information about their email signing practices; this will permit email receivers to make additional assessments about messages. Such protection of email identity can assist in the global control of "spam" and "phishing".

"DKIM Author Signing Practices (ASP)", Eric Allman, Jim Fenton, Mark Delany, John Levine, 23-Feb-08. ( bytes)

DomainKeys Identified Mail (DKIM) defines a domain-level authentication framework for email using public-key cryptography and key server technology to permit verification of the source and contents of messages by either Mail Transport Agents (MTAs) or Mail User Agents (MUAs). The primary DKIM protocol is described in [RFC4871]. This document describes the records that authors' domains can use to advertise their practices for signing their outgoing mail, and how other hosts can access those records.

"DomainKeys Identified Mail (DKIM) Development, Deployment and Operations", Tony Hansen, Phillip Hallam-Baker, Dave Crocker, 25-Feb-08. ( bytes)

DomainKeys Identified Mail (DKIM) associates a "responsible" identity with a message and provides a means of verifying that the association is legitimate. [RFC4871] DKIM defines a domain-level authentication framework for email using public-key cryptography and key server technology. This permits verifying the source or intermediary for a message, as well as the contents of messages. The ultimate goal of this framework is to permit a signing domain to assert responsibility for sending a message, thus proving and protecting the identity associated with the message and the integrity of the messages itself, while retaining the functionality of Internet email as it is known today. Such protection of email identity may assist in the global control of "spam" and "phishing". This document provides implementation, deployment, operational and migration considerations for DKIM.

Return to Internet-Draft directory.

Return to IETF home page.