Language Selection

English French German Italian Portuguese Spanish

New E-Mail Authentication Spec Submitted to IETF

Filed under

A group of leading technology companies that includes Microsoft Corp., IBM, Yahoo Inc. and Cisco Systems Inc. has submitted a new e-mail authentication standard to the Internet Engineering Task Force for consideration, eWEEK has learned.

The specifications for DomainKeys Identified Mail, or DKIM, were submitted to the IETF on Monday for consideration as a new e-mail authentication standard. DKIM has been in development since August and combines technology from Yahoo and Cisco. In addition to backing the new standards, the authoring companies plan to license it for free and may release it to the open-source community, according to information provided to eWEEK by the group.

The new DKIM standard will be available as an IETF Internet Draft through the organization's Web site in the near future, said Eric Allman, chief technology officer at Sendmail Inc.

Discussions of DKIM will be part of the 63rd IETF meeting in Paris, which begins on July 31, 2005, according to the group.

DKIM uses public key cryptography to sign e-mail messages, allowing receiving domains to identify legitimate senders and weed out spam and phishing e-mail with spoofed addresses. The specification combines elements of Yahoo's DomainKeys technology and Cisco's Internet Identified Mail technology.

As with DomainKeys, e-mail domain owners will generate a public and private cryptographic key pair, then publish the public key in their DNS (Domain Name System) record. The private key is stored on their e-mail servers. Components of Cisco's Identified Internet Mail header-signing technology will be used to sign messages, said Miles Libbey, anti-spam product manager at Yahoo.

E-mail administrators will have to install a software plug-in that supports DKIM on their mail servers, but the change will be easy to implement, especially for domain owners who have already set up DomainKeys, Libbey said.

Leading e-mail server makers such as Sendmail Inc. are pledging to release DKIM plug-ins for their products.

"We wanted to make it as easy as possible to make the transition from DomainKeys to DKIM," Allman said.

DKIM could become a widely accepted standard for securing e-mail communications and thwarting e-mail forgery and phishing attacks, said Jim Fenton, distinguished engineer at Cisco and one of the authors of the new specification.

"A lot of people in the past have said the future is to put cryptographic signatures in [e-mail] messages. So we're trying to present the future here. And we believe the future is now."

The announcement comes as leading e-mail experts are gathering in New York City this week to encourage organizations to implement e-mail authentication technology such as DomainKeys, or Microsoft's SIDF (Sender ID Framework).

Full Story.

More in Tux Machines

Huawei Watch Review: Best Android Wear Smartwatch Available

The Huawei Watch currently offers the best option on the Android Wear platform. The Huawei Watch looks elegant and offers great design as well as multiple attractive style options depending on the buyer’s cash flow. Even iPhone owners can take a look. If an iPhone owner prefers a stainless steel round watch, then the Huawei Watch is a usable option at a lower price than the Stainless Steel Apple Watch. Android Wear works well on iPhone, but does not give users the same level of integration. The most important features work fine, including notifications and fitness tracking. We give the Huawei Watch a hearty recommendation. It is worth paying a little more for this attractive and well-designed Android Wear smartwatch. Read more

Linux Kernel 4.1.10 LTS Is Now Available for Download with Networking Fixes

After announcing the release of the Linux 4.2.3 kernel, Greg Kroah-Hartman has informed the world today, October 3, about the release and immediate availability for download of the tenth maintenance version of the Linux 4.1 LTS kernel series. Read more Also: Linux 4.3-rc4 Kernel Released: Adds A New & Better String Copy Function Linus Torvalds Announces Linux Kernel 4.3 RC4 on the Eve of the Project's 24th Birthday

How Debian managed the systemd transition

Debian's decision to move to systemd as the default init system was a famously contentious (and rather public) debate. Once all the chaos regarding the decision itself had died down, however, it was left to project members to implement the change. At DebConf 2015 in Heidelberg, Martin Pitt and Michael Biebl gave a down-to-earth talk about how that implementation work had gone and what was still ahead. Pitt and Biebl are the current maintainers of the systemd package in Debian, with Pitt also maintaining the corresponding Ubuntu package. The pair began with a brief recap of the init-replacement story, albeit one that steered mercifully clear of the quarrels and stuck to the technical side. Initial discussions for replacing the System V init system began as far back as 2007, but pressure grew in recent years, included considerable demand from system administrators and upstream projects (typically wanting specific features like support for logind or journald). Once the Technical Committee had made its decision to adopt systemd as the default, Pitt said, "the real work" began. Read more (paywalled before)

Linux 4.3-rc4

You all know the drill by now. It's Sunday, and there is a new release candidate out there. Things look fairly normal. We have noticeably fewer commits than rc3 (which was fairly big), and I don't see anything unusually alarming. The statistics look pretty normal too: just under half of the patch is drivers (drm continues to be noticeable, but there's infiniband, mmc, input layer etc). About a quarter is arch updates (m68k, MIPS, x86) and the final quarter is solidly "misc" (doc updates, tools, scripts, scheduler, mm..). The appended shortlog gives a flavor of the details. Linus Read more