2.7.2 Domain Keys Identified Mail (dkim)

NOTE: This charter is a snapshot of the 64th IETF Meeting in Vancouver, British Columbia Canada. It may now be out-of-date.

Last Modified: 2005-10-17


Stephen Farrell <stephen.farrell@cs.tcd.ie>
Barry Leiba <leiba@watson.ibm.com>

Security Area Director(s):

Russ Housley <housley@vigilsec.com>
Sam Hartman <hartmans-ietf@mit.edu>

Security Area Advisor:

Russ Housley <housley@vigilsec.com>

Mailing Lists:

General Discussion:
To Subscribe:

Description of Working Group:

Forgery of headers that indicate message origin is a problem for users
of Internet mail. The DKIM working group will produce specifications
that permit authentication of message headers during transit, using
public-key signatures and based on domain name identifiers. Keys will
be stored in the responsible identity's DNS hierarchy. The
specifications will describe threats of concern and any limitations in
the signature security that is provided. The specification will be
based on the <draft-*-dkim-*.txt> draft documents and will make only
the minimal changes deemed essential to the viability of the service.
The specifications will contain summaries of threats and requirements
that are handled by the specified mechanism. The DKIM working group
will also address mechanisms for advertising "signing policy" so that
a recipient can determine whether a valid message signature should be

The working group will NOT consider related topics, such as reputation
and accreditation systems, and message encryption. It will also NOT
consider signatures which are intended to make long-term assertions
(beyond the expected transit time of a message) nor signatures which
attempt to make strong assertions of the identity of the message

The working may also study whether to adopt a work item for specifying
a common mechanism to communicate the results of message verification
to the message recipient.

Goals and Milestones:

No Current Internet-Drafts

No Request For Comments

Current Meeting Report

64th DKIM BoF draft minutes

The DKIM BoF occurred on Monday Nov. 7th at 1pm, approximately 120 people 

Excellent jabber log:
Meeting materials (scroll down to DKIM):
Meeting audio:


The BoF covered introductory stuff, a walkthrough of the draft charter (and
discussion theron), and presentations about the proposed WG deliverables.
During the discussion a range of opinions were expressed, ranging from concern
about the scoping and potential impact of DKIM some years down the road, all
the way to coments that the the barrier being placed here was far too high for
WG-formation.  On the technical front, there were some concerns about the
sender signer policy proposal, which clearly needs work.

At the end of the BoF the chairs asked for a hum as to whether or not a wg with
the proposed charter should be chartered. The result was a fairly overwhelming
positive hum for WG-formation.


1. Keith Moore took an action to try propose some charter text he'd find 
   more acceptable.  
2. There was a proposal to include within some (possibly new) deliverable, 
   with postive guidance (as opposed to text complaining about lists 
   "breaking" things) about how DKIM and mailing lists might co-exist. 
   Stephen Farrell took an action to bring this proposal to the DKIM list.
3. The BoF chairs will work with the AD (Russ) to get the charter into the
   state required for an IESG decision on wg-formation.

BoF Agenda

1.  Agenda & introduction (10,Farrell)
2.  Walk through proposed charter (15,Leiba)
3.  Discussion of proposed charter -- open (20,Leiba)
4.  Walk through threat analysis -- Fenton (15)
5.  Walk through base spec -- Allman (10)
6.  Walk through policy spec -- Allman (10)
7.  Introduce other deliverables (10, Farrell)
8.  Open discussion of specs & deliverables -- open (20, Farrell)
9.  Decision: should a WG be formed with this charter? (10, Farrell)

The presentations and audio are available for the above, so these minutes will
just cover items #3, #8 an #9.

Charter discussion

- Doug Otis says that he strongly approves of DKIM but has serious problems
  with SSP and would like to see it out of scope. Barry Leiba responded that
  one possible outcome of the WG would be that SSP is dropped, and on that basis
  including SSP as in-scope is justifiable (since there are others who do want it

- Doug also apologised for the way he'd written an "alternative" version of Jim
  Fenton's threats document, but explained that he'd found it too hard to
  suggest discrete changes in the time available. 

- Keith Moore wondered whether we knew which problem DKIM was addressing and
  suggested that perhaps if we charter DKIM we will miss the opportunity to
  study this problem. 

- Mike Thomas said that we've been studying the problem for 1.5 years already
  and wondered when we'd get beyond that.

- Barry noted that one thing that was considered useful was the ability to
  turn-up/down filters on the basis of whether the message was DKIM signed (or

- Keith stated that if the group were trying to solve the phishing problem then
  that'd be a great discussion to have, but he found the proposed charter to be
  too vague and would prefer it were at a level where specific details could be
  discussed. Barry suggested that Keith suggest some changes to the charter text
  which would satisfy that concern. Keith agreed to take an action item to make
  such a suggestion.

- Chris Newman suggested that the policy work proposed in SSP might be
  considered as research, which is interesting research, but which can only
  happen if there's a basis on which to do the research. That basis appears to be
  provided by the base DKIM specification.

Open discussion

- Doug Otis noted that the threats document doesn't properly address DoS issues.
  Barry asked whether Doug's independent threats draft had text on that. Doug
  said it did. Barry said that or some equivalent would be incorporated since the
  topic is definitely in scope for the document.

- Doug noted some additional problems he has with SSP. Barry encouraged Doug to
  be active in the WG on this topic, but said that at this stage we are focused
  on chartering, so the details of SSP are for the putative WG.

- Jim Schaad said that he had some problems deciding whether or not DKIM should
  be chartered and noted that he had a problem understanding the proposed work
  from reading the threats document, (but had figured it out from the base
  specification). Jim asked for the threats document to include a short abstract
  description of how DKIM would work. Stephen Farrell said that that was planned
  for inclusion as the document becomes a WG draft.

- Sam Hartman stated that as an IESG member (but not the responsible AD), as
  things stood at that point, he wouldn't like to see DKIM chartered, since
  DKIM, if successful, would change how email is handled on the Internet over the
  next 10 years, and he'd rather that the community were happy with that before
  the work started. Sam suggested that a BCP may be needed which codifies the
  changes to the mail infrastructure which are caused by DKIM.

	(*) Note; Subsequent to the meeting Sam clarified that he mainly meant that
    he wanted the community to get a chance to consider this before DKIM starts -
    he wasn't calling for the BCP to be written in advance.

- Keith Moore stated that he finds there's a lot of confusion about authorship
  vs. transmission vs. origination for messages and he's getting different
  messages from different DKIM proponents.

- Eliot Lear reminded the room that when MIME was started we hadn't intended
  the outcome which may not be what we expect and that we shouldn't be setting
  the bar so high that nothing gets done in an area.

- Malcom Cartier suggested that SSP be excluded from the scope as inappropriate
  since it's placing responsibility for determining the truth onto the verifier
  and the purpose of doing this is for the benefit of the domain owner. He said
  that that wasn't an engineering issue but rather social and/or legal one.

- Dave Crocker said that the problem was the DKIM is a small discrete mechanism
  for adding an identity to a message but the problem is that it scares the
  &^*% out of us. Dave reiterated Eliot's comment about not setting the bar too

- Keith stated that the problem was that DKIM didn't do anything useful, and
  people want to solve spam, phishing etc, which DKIM doesn't do.  Keith thinks
  a lot of people think that DKIM does something close to useful which makes it
  more likely to encourage confusion rather than a useful result. Barry asked
  Keith whether there is utility in "I signed this, please whitelist me?". Keith
  believes it is useful for authors to give domains a way to sign messages such
  that recipients can verify.

- Responding to Eliot's remark, Keith recalled that the MIME work initially was
  just addressing 8bit but the idea of attachments wasn't there. If by
  chartering DKIM we could get a discussion going that would result in a real
  solution then Keith would be all for that, but the problem is that we can't get
  a WG without a concrete solution and then we're stuck with that - DKIM is a
  good starting point but we sould not constrain ourselves to that.

- Pete Resnick (not as an IAB member) said that DKIM doesn't purport anything.
  DKIM is a mechanism. We should get away from trying to judge DKIM as to what
  it would be useful for 20 years for now. If you can see that it is useful to
  solve some small problem today, that's enough. That said, listening to Sam,
  part of the problem is that DKIM once deployed, might require folks to use it,
  so it is a potential disruption to the infrastructure. But we also need to look
  at the current disruption of the infrastructure and we need to measure those
  two things and make a judgment as to whether things will be better or worse.

- Sam Hartman stated that SSP should be included if we charter. He agreed with
  Pete: what he had been saying was that we need to commit to that potential
  for change and document the change in the class of service that might result.
  He was not saying that DKIM was bad.

- Russ Housley expressed a concern about having to do a BCP before chartering.

- Jim Fenton noted that there isn't anything in the DKIM specs. including SSP,
  that mandates any bad behaviour. Maybe you know something about the signing
  address, maybe you don't and we have a large body of unsigned messages, and
  what the alleged sender would like you to do with those unsigned messages.
  Stephen agreed that handling unsigned messages was hard and without something
  like SSP it might be very hard.

- Harald Alvestrand said he hadn't read the drafts but has been listening to
  the discussion and was trying to put himself in the shoes of someone who
  brings work to the IETF who was less polite. If he was told that he was going
  to have to have consensus on something that might or might not occur 10 years
  out he would walk away. This discussion was about whether the IETF will be
  allowed to contribute to this effort. The IETF may not have input if it insists
  on operating this way. [The audience applauded this contribution.]

- Jim Galvin noted that the document speaks in terms of how mailing lists break
  signatures and DKIM which is an unfair characterization. Mailing list
  managers are good actors. You just need to tell them what the right thing to do
  is. The BoF chairs agreed that this was in scope and presenting a positive view
  of what mailiing list managers could do was a good idea.

- Doug Otis agreed that the base spec provides a good mechanism but said SSP
  does talk about good and bad behavior. The vast majority of people would not
  want to be as restrictive as a bank, and so he thinks we want to figure out how
  to special case the bank and optimize for the general case. Barry encuraged
  Doug to come to WG meetings and help us to sort that out.

- Keith, in response to Harald: it's really easy to say that DKIM is really
  simple. Over the years we've seen lots of simple proposals that we thought
  wouldn't have unintended consequences. Barry Leiba noted that we can consider
  consequences in the WG, the point is that we don't have to do it before hand.

- Bill Somerfield had a similar comment to Jim Galvin. He thinks the charter
  should specifically address mailing lists.

- Mark Delany would like to put a vote in for SSP in some form, perhaps not
  necessarily the current form.

- Richard Shockey agreed with Harald: every possible protocol we develop could
  have unintended consequences.

- Bernard Aboba noted that the biggest problem is unintended consequences
  coming from things that are useful not things that are not useful. 


Barry asked the room to hum if they wanted a WG formed as described in the
charter (assuming modifications to reflect the meeting). There was an
overwhelming hum for WG formation on that basis.


DKIM BOF general slides
DKIM threats analysis overview
DKIM specification overview