DKIM deliberately makes no binding between the DNS domain of the signer of a
message and any other identity found in the message. Despite this, there is an
automatic human perception that an author domain signature (one for which the
RFC5322.From domain matches the DNS domain of the signer) is more valuable or
trustworthy than any other. There is currently no protocol by which an ADMD can
announce that DKIM signatures on its mail added by other ADMDs should also be
considered trustworthy by verifiers. This document presents an experimental
mechanism for doing so.
Working Group Summary
This is an individual submission, but it was discussed with the former DKIM
participants on the DKIM mailing list. Note that there is NOT general
agreement that this protocol is important, or even useful. There is good
consensus that experimentation is needed to determine utility, and this document
sets up that experiment by proposing a protocol for it.
ATPS has been prototyped, in preparation for this experiment, and is available
in an open-source implementation. Other implementations are expected as
the experiment proceeds.
Barry Leiba is the Document Shepherd.
Sean Turner is the responsible Area Director.
The new registry should be nested under DKIM Parameters.