Scribd Logo
Upload

Welcome to Scribd!

  • DKIM Teaser 03

    Uploaded by

    Chintan JustinTest
    19 views3 pages
    DomainKeys Identified Mail (DKIM) is a technical specification that allows an organization to authenticate transmitted messages by digitally signing them. It uses public key cryptography where the public key is stored in the DNS and a signature is added to email messages to validate the sender's identity and integrity of the message content. DKIM aims to provide transparent authentication of email between administrative domains without requiring changes to client email programs or relying on a trusted third party system.

    Original Description:

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    DomainKeys Identified Mail (DKIM) is a technical specification that allows an organization to authenticate transmitted messages by digitally signing them. It uses public key cryptography where the public key is stored in the DNS and a signature is added to email messages to validate the sender's identity and integrity of the message content. DKIM aims to provide transparent authentication of email between administrative domains without requiring changes to client email programs or relying on a trusted third party system.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    19 views3 pages

    DKIM Teaser 03

    Uploaded by

    Chintan JustinTest
    DomainKeys Identified Mail (DKIM) is a technical specification that allows an organization to authenticate transmitted messages by digitally signing them. It uses public key cryptography where the public key is stored in the DNS and a signature is added to email messages to validate the sender's identity and integrity of the message content. DKIM aims to provide transparent authentication of email between administrative domains without requiring changes to client email programs or relying on a trusted third party system.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 3

    DomainKeys Identified Mail

    (DKIM)

    D. Allows an organization to claim


    D. Crocker
    Crocker ~~ bbiw.net
    bbiw.net
    responsibility for transmitting a
    message, in a way that can be
    dkim.org
    dkim.org validated by a recipient

    
     Validate
    Validate identifier
    identifier and
    and
    
     Consortium spec msg
    msg data
    data integrity
    integrity
    Derived
    Derived from
    from Yahoo
    Yahoo  DNS
     DNS identifiers
    identifiers
    DomainKeys
    DomainKeys and and Cisco
    Cisco  Public
     Public keys
    keys in
    in DNS
    DNS
    Identified
    Identified Internet
    Internet Mail
    Mail End-to-end
    
     End-to-end
     IETF published  Between
     Between origin/receiver
    origin/receiver
    
    administrative
    administrative domains
    domains
    revision – RFC 4871  Not
     Not path-based
    path-based
    DKIM Goals

    
     Based on message content, itself
     Not
     Not related
    related to
    to path
    path
    
     Transparent to end users
     No
     No client
    client User
    User Agent
    Agent upgrades
    upgrades required
    required
     But
     But extensible
    extensible to
    to per-user
    per-user signing
    signing
    
     Allow signature delegation
     Outsourcing
     Outsourcing
    
     Low development, deployment, use costs
     Avoid
     Avoid large
    large PKI,
    PKI, new
    new Internet
    Internet services
    services
     No
     No trusted
    trusted third
    third parties
    parties (except
    (except DNS)
    DNS)

    D. Crocker DKIM Teaser 2


    Technical High-points
    High-points

    
     Signs body and selected parts of header
    
     Signature transmitted in DKIM-Signature:
    header
    
     Public key stored in DNS
     In
     In _domainkey
    _domainkey subdomain
    subdomain
     Uses
     Uses TXT
    TXT RR
    RR
    
     Namespace divided using selectors
     Allows
     Allows multiple
    multiple keys
    keys for
    for aging,
    aging, delegation,
    delegation, etc.
    etc.

    D. Crocker DKIM Teaser 3

    You might also like