Language Selection

English French German Italian Portuguese Spanish

New E-Mail Authentication Spec Submitted to IETF

Filed under
Security

A group of leading technology companies that includes Microsoft Corp., IBM, Yahoo Inc. and Cisco Systems Inc. has submitted a new e-mail authentication standard to the Internet Engineering Task Force for consideration, eWEEK has learned.

The specifications for DomainKeys Identified Mail, or DKIM, were submitted to the IETF on Monday for consideration as a new e-mail authentication standard. DKIM has been in development since August and combines technology from Yahoo and Cisco. In addition to backing the new standards, the authoring companies plan to license it for free and may release it to the open-source community, according to information provided to eWEEK by the group.

The new DKIM standard will be available as an IETF Internet Draft through the organization's Web site in the near future, said Eric Allman, chief technology officer at Sendmail Inc.

Discussions of DKIM will be part of the 63rd IETF meeting in Paris, which begins on July 31, 2005, according to the group.

DKIM uses public key cryptography to sign e-mail messages, allowing receiving domains to identify legitimate senders and weed out spam and phishing e-mail with spoofed addresses. The specification combines elements of Yahoo's DomainKeys technology and Cisco's Internet Identified Mail technology.

As with DomainKeys, e-mail domain owners will generate a public and private cryptographic key pair, then publish the public key in their DNS (Domain Name System) record. The private key is stored on their e-mail servers. Components of Cisco's Identified Internet Mail header-signing technology will be used to sign messages, said Miles Libbey, anti-spam product manager at Yahoo.

E-mail administrators will have to install a software plug-in that supports DKIM on their mail servers, but the change will be easy to implement, especially for domain owners who have already set up DomainKeys, Libbey said.

Leading e-mail server makers such as Sendmail Inc. are pledging to release DKIM plug-ins for their products.

"We wanted to make it as easy as possible to make the transition from DomainKeys to DKIM," Allman said.

DKIM could become a widely accepted standard for securing e-mail communications and thwarting e-mail forgery and phishing attacks, said Jim Fenton, distinguished engineer at Cisco and one of the authors of the new specification.

"A lot of people in the past have said the future is to put cryptographic signatures in [e-mail] messages. So we're trying to present the future here. And we believe the future is now."

The announcement comes as leading e-mail experts are gathering in New York City this week to encourage organizations to implement e-mail authentication technology such as DomainKeys, or Microsoft's SIDF (Sender ID Framework).

Full Story.

More in Tux Machines

Linux panel PC offers IP69K protection against jet spray

TechNexion has launched a 10.1 inch, 1280 x 800 capacitive touch panel PC that runs Linux or Android on an i.MX6, and offers IP69K protection. TechNexion, which has long been a provider of COMs and SBCs based on Freescale/NXP i.MX SoCs, also sells a line of Linux- and Android-friendly i.MX6, i.MX6UL, and i.MX7 based panel PCs. The latest is a 10.1 inch TWP-1010-IMX6 model that shares many of the same features of its 15.6-inch TWP-1560-IMX6 sibling, including NXP’s i.MX6 SoC, M12 connectors, and a SUS 304 stainless steel case with an IP69K water- and dust-proofing certification. Read more Also: Mongoose OS for IoT prototyping

10 Open Source Skills, Data Analysis Skills and Programming Languages

  • 10 Open Source Skills That Can Lead to Higher Pay
    Last month, The Linux Foundation and the online job board Dice released the results of a survey about open source hiring. It found that 67 percent of managers expected their hiring of open source professionals to increase more than their hiring of other types of IT workers. In addition, 42 percent of managers surveyed said they need to hire more open source talent because they were increasing their use of open source technologies, and 30 said open source was becoming core to their business. A vast majority — 89 percent — of hiring managers said that they were finding it difficult to find the open source talent they need to fill positions.
  • If you want to upgrade your data analysis skills, which programming language should you learn?
    For a growing number of people, data analysis is a central part of their job. Increased data availability, more powerful computing, and an emphasis on analytics-driven decision in business has made it a heyday for data science. According to a report from IBM, in 2015 there were 2.35 million openings for data analytics jobs in the US. It estimates that number will rise to 2.72 million by 2020. A significant share of people who crunch numbers for a living use Microsoft Excel or other spreadsheet programs like Google Sheets. Others use proprietary statistical software like SAS, Stata, or SPSS that they often first learned in school.
  • std::bind
    In digging through the ASIO C++ library examples, I came across an actual use of std::bind. Its entry in cppreference seemed like buzzword salad, so I never previously had paid it any attention.

Visual revamp of GNOME To Do

I’m a fan of productivity. It is not a coincidence that I’m the maintainer of Calendar and To Do. And even though I’m not a power user, I’m a heavy user of productivity applications. For some time now, I’m finding the overall experience of GNOME To Do clumsy and far from ideal. Recently, I received a thank you email from a fellow user, and I asked they what they think that could be improved. It was not a surprise when they said To Do’s interface is clumsy too. Read more

Today in Techrights