DKIM Teaser 03
(DKIM)
Consortium spec
  Derived from Yahoo DomainKeys and Cisco Identified Internet Mail
IETF published revision – RFC 4871
Validate identifier and msg data integrity
DNS identifiers
Public keys in DNS
End-to-end
Between origin/receiver administrative domains
Not path-based
DKIM Goals
Based on message content, itself
  Not related to path
Transparent to end users
  No client User Agent upgrades required
  But extensible to per-user signing
Allow signature delegation
  Outsourcing
Low development, deployment, use costs
  Avoid large PKI, new Internet services
  No trusted third parties (except DNS)
Signs body and selected parts of header
Signature transmitted in DKIM-Signature: header
Public key stored in DNS
  In _domainkey subdomain
  Uses TXT RR
Namespace divided using selectors
  Allows multiple keys for aging, delegation, etc.
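
The key lookup outlined above, as an added example that is not part of the original slides: a verifier reads the selector and signing domain from the DKIM-Signature: header, forms the _domainkey query name, and parses the key record returned in the TXT RR. The s=, d= and p= tag names and the required-tag set follow RFC 4871; the sample header and key record are constructed, and no DNS query or signature check is performed.

```python
import re

# Constructed sample header; the bh= and b= values are placeholders, not real data.
SAMPLE_HEADER = (
    "DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=example.com;\r\n"
    "\ts=sel2024; h=from:to:subject:date; bh=PLACEHOLDERBODYHASH=;\r\n"
    "\tb=PLACEHOLDER\r\n\tSIGNATURE=="
)
# Constructed sample key record, as the text of a TXT RR.
SAMPLE_TXT = "v=DKIM1; k=rsa; p=PLACEHOLDERPUBLICKEY"

def parse_tag_list(value):
    """Parse an RFC 4871 tag=value list into a dict; duplicate tags are an error."""
    value = re.sub(r"\r?\n[ \t]+", " ", value)  # unfold continuation lines
    tags = {}
    for item in value.split(";"):
        if not item.strip():
            continue  # skip empty items, such as after a trailing ';'
        name, sep, val = item.partition("=")
        name = name.strip()
        if not sep or not re.fullmatch(r"[A-Za-z][A-Za-z0-9_]*", name):
            raise ValueError(f"malformed tag: {item!r}")
        if name in tags:
            raise ValueError(f"duplicate tag: {name}")
        # base64 values may contain folding whitespace, which is not significant
        tags[name] = re.sub(r"\s+", "", val) if name in ("b", "bh", "p") else val.strip()
    return tags

def key_query_name(header):
    """Return the DNS name whose TXT RR holds the signer's public key."""
    field, _, value = header.partition(":")
    if field.strip().lower() != "dkim-signature":
        raise ValueError("not a DKIM-Signature header")
    tags = parse_tag_list(value)
    missing = {"v", "a", "b", "bh", "d", "h", "s"} - tags.keys()
    if missing:
        raise ValueError(f"missing required tags: {sorted(missing)}")
    return f"{tags['s']}._domainkey.{tags['d']}".lower()

def public_key_from_txt(txt):
    """Return the base64 public key from a key record; an empty p= means revoked."""
    tags = parse_tag_list(txt)
    if tags.get("v", "DKIM1") != "DKIM1":
        raise ValueError("unsupported key record version")
    if not tags.get("p"):
        raise ValueError("key missing or revoked (empty p=)")
    return tags["p"]
```

Because each selector names its own key record, a signer can publish a new selector before retiring an old one, and a receiver treats a record with an empty p= as a revoked key.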