Language Selection

English French German Italian Portuguese Spanish

New E-Mail Authentication Spec Submitted to IETF

Filed under
Security

A group of leading technology companies that includes Microsoft Corp., IBM, Yahoo Inc. and Cisco Systems Inc. has submitted a new e-mail authentication standard to the Internet Engineering Task Force for consideration, eWEEK has learned.

The specifications for DomainKeys Identified Mail, or DKIM, were submitted to the IETF on Monday for consideration as a new e-mail authentication standard. DKIM has been in development since August and combines technology from Yahoo and Cisco. In addition to backing the new standards, the authoring companies plan to license it for free and may release it to the open-source community, according to information provided to eWEEK by the group.

The new DKIM standard will be available as an IETF Internet Draft through the organization's Web site in the near future, said Eric Allman, chief technology officer at Sendmail Inc.

Discussions of DKIM will be part of the 63rd IETF meeting in Paris, which begins on July 31, 2005, according to the group.

DKIM uses public key cryptography to sign e-mail messages, allowing receiving domains to identify legitimate senders and weed out spam and phishing e-mail with spoofed addresses. The specification combines elements of Yahoo's DomainKeys technology and Cisco's Internet Identified Mail technology.

As with DomainKeys, e-mail domain owners will generate a public and private cryptographic key pair, then publish the public key in their DNS (Domain Name System) record. The private key is stored on their e-mail servers. Components of Cisco's Identified Internet Mail header-signing technology will be used to sign messages, said Miles Libbey, anti-spam product manager at Yahoo.

E-mail administrators will have to install a software plug-in that supports DKIM on their mail servers, but the change will be easy to implement, especially for domain owners who have already set up DomainKeys, Libbey said.

Leading e-mail server makers such as Sendmail Inc. are pledging to release DKIM plug-ins for their products.

"We wanted to make it as easy as possible to make the transition from DomainKeys to DKIM," Allman said.

DKIM could become a widely accepted standard for securing e-mail communications and thwarting e-mail forgery and phishing attacks, said Jim Fenton, distinguished engineer at Cisco and one of the authors of the new specification.

"A lot of people in the past have said the future is to put cryptographic signatures in [e-mail] messages. So we're trying to present the future here. And we believe the future is now."

The announcement comes as leading e-mail experts are gathering in New York City this week to encourage organizations to implement e-mail authentication technology such as DomainKeys, or Microsoft's SIDF (Sender ID Framework).

Full Story.

More in Tux Machines

Chromixium Adds Polish to Chrome

Chromixium is a new Linux distro that goes one big step further than the few existing distros catering to the Chrome OS. It one-ups Google's semi-proprietary Chrome OS locked into the popular Chromebook hardware. Read more

Leftovers: KDE Software

  • Interview with David Revoy
    I bought a tablet to start to paint digitally during this period. I didn’t know many things about software, so my first years of digital painting were made with Photoshop Elements (bundled with the tablet). With digital painting, I could experiment with many themes I could never have sold on canvas. Then I met online publishers interested in my digital art and started to work more and more as a digital painter with an official Photoshop licence, Corel Painter, etcetera. In 2003 I ended my career as a traditional painter when a client decided to buy my whole stock of canvas.
  • There and back again, an algorithm tale
    Implementing Qt data models is anything but fun. For that reason, I don’t blame anyone for writing a beginResetModel / endResetModel combo any time a more complex change has happened.
  • Google Summer of Code 2015 – Week One : The Joy Of The First Paycheck!
    What I have done till now is collect constellation artwork used in Stellarium, and complied a list of 3 stars for each constellation which would be used to position the constellation image in the sky map. I started coding and have written the ConstellationArt class declaration. Earlier I had included a Q_PROPERTY to make constellations fade in and out, but I was told that this would be difficult to achieve since KStars doesn’t use OpenGL. In any case, I think getting the constellations to display correctly in the sky is more important than making them fade. That could always be done at a later point of time.
  • Suggesting new ways: Kamoso 3.0 Technology Preview
    The world changes, and with it, we change too. For this new version of Kamoso we wanted to iterate what we’re presenting.

Carl Sagan's solar-powered spacecraft is in trouble

  • Carl Sagan's solar-powered spacecraft is in trouble
  • Software Glitch Pauses LightSail Test Mission
    But inside the spacecraft's Linux-based flight software, a problem was brewing. Every 15 seconds, LightSail transmits a telemetry beacon packet. The software controlling the main system board writes corresponding information to a file called beacon.csv. If you’re not familiar with CSV files, you can think of them as simplified spreadsheets—in fact, most can be opened with Microsoft Excel.

Ubuntu Touch OTA-4 Update to Let Users Import SIM Contacts

A fresh OTA update is being prepared for Ubuntu Touch, and it should land soon. Developers have released some of the most important improvements that will be implemented in the upcoming release. Read more