After numerous discussions and spirited debate, the IETF has finally published a couple of important new RFCs related to DKIM. RFC6376 is the update to DKIM itself that does a thorough job cleaning up the original version, and RFC6377 provides recommended practices for using DKIM with respect to mailing lists. With this, DKIM has advanced from being a Proposed Standard to a Draft Standard, indicating a level of maturity and stability held by only a small fraction of Internet protocols in use.
As I’ve written before, DKIM (DomainKeys Identified Mail) allows one to attach a domain name to a message in a way that provides some assurance of its valid use. Since the rest of an email message can essentially be forged, this is a big development in the advancement of messaging trust and security. DKIM is an important input to concepts like domain reputation systems, a topic that will be covered during a session at the MAAWG conference next month. Domain reputation stands to be a key component of message security systems in the future, especially as the transition to IPv6 continues. The IETF is also considering a working group to tackle the concept of delivering reputation services in a reliable and open way, and DKIM will likely be a prominent figure in sample implementations.
Cloudmark is pleased to be a part of the support and advancement of this work!