Skip to main content

DomainKeys Identified Mail v2
bofreq-kucherawy-dkim2-00

Document Type Proposed BOF request
Title DomainKeys Identified Mail v2
Last updated 2025-01-11
State Proposed
Editor Murray Kucherawy
Responsible leadership Murray Kucherawy
Send notices to brong@fastmailteam.com, resnick@episteme.net
bofreq-kucherawy-dkim2-00

Name: DomainKeys Identified Mail v2 (DKIM2)

Description

DKIM [STD 76, RFC 6376] is a broadly deployed technology developed as an anti-fraud measure extending email to support domain-level digital signatures. Experience has shown that it is effective at its task, but this has proven to fall short of the desired goal of full authentication/authorization of domain name use in messages. That is, it is not a complete defense against email fraud.

Particular targets to be addressed include:

  • "replay" attacks, where an undesirable (e.g., spam or phishing) message is signed by a reputable operator and then re-sent to arbitrary other users

  • identification of and accountability for message mutations that might invalidate prior DKIM signatures

  • "backscatter", wherein a message found to be unacceptable claims to have been authored by someone that did not send it, resulting in bounce messages flooding an unwitting victim

A community of mailbox operators proposes a new protocol, using concepts from DKIM, to take fraud defenses to the next level. It will incorporate ideas that have been proposed over the years since DKIM with new proposals to round out the solution space.

Reconstituting the DKIM working group itself is already being attempted but as that discussion has not resolved, this BoF request is being filed to reserve in-person time that may be needed.

Modifying DKIM itself, or the core email protocols, is expected to be out of scope.

Required Details

  • Status: WG Forming
  • Responsible AD: Murray Kucherawy
  • BOF proponents: Bron Gondwana <brong@fastmailteam.com>, Pete Resnick <resnick@episteme.net>
  • Number of people expected to attend: 100
  • Length of session (1 or 2 hours): 2 hours
  • Conflicts (whole Areas and/or WGs)
  • Chair Conflicts: EMAILCORE, DMARC
  • Technology Overlap: N/A
  • Key Participant Conflict: Murray Kucherawy, Pete Resnick, Bron Gondwana

Information for IAB/IESG

To allow evaluation of your proposal, please include the following items:

  • Any protocols or practices that already exist in this space: DKIM [STD 76], DMARC [RFC 7489], ARC [RFC 8617]
  • Which (if any) modifications to existing protocols or practices are required: None will be permitted
  • Which (if any) entirely new protocols or practices are required: This proposed protocol
  • Open source projects (if any) implementing this work: The Trusted Domain Project will likely engage in building a prototype as it did for DKIM, ARC, and DMARC.

Agenda

[TBD]