Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


New E-Mail Authentication Spec Submitted to IETF



 By: Paul F. Roberts
2005-07-11
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
The Domain Keys Identified Mail standard uses public key cryptography to sign e-mail messages, allowing receiving domains to identify legitimate senders and weed out spam and phishing e-mail with spoofed addresses.

A group of leading technology companies that includes Microsoft Corp., IBM, Yahoo Inc. and Cisco Systems Inc. has submitted a new e-mail authentication standard to the Internet Engineering Task Force for consideration, eWEEK has learned.

The specifications for DomainKeys Identified Mail, or DKIM, were submitted to the IETF on Monday for consideration as a new e-mail authentication standard. DKIM has been in development since August and combines technology from Yahoo and Cisco. In addition to backing the new standards, the authoring companies plan to license it for free and may release it to the open-source community, according to information provided to eWEEK by the group.

The new DKIM standard will be available as an IETF Internet Draft through the organizations Web site in the near future, said Eric Allman, chief technology officer at Sendmail Inc.

Allman is part of a core working group that created the DKIM specification. The group includes representatives from PGP Corp., Yahoo and Cisco.

Resource Library:
Discussions of DKIM will be part of the 63rd IETF meeting in Paris, which begins on July 31, 2005, according to the group.

DKIM uses public key cryptography to sign e-mail messages, allowing receiving domains to identify legitimate senders and weed out spam and phishing e-mail with spoofed addresses. The specification combines elements of Yahoos DomainKeys technology and Ciscos Internet Identified Mail technology.

As with DomainKeys, e-mail domain owners will generate a public and private cryptographic key pair, then publish the public key in their DNS (Domain Name System) record. The private key is stored on their e-mail servers. Components of Ciscos Identified Internet Mail header-signing technology will be used to sign messages, said Miles Libbey, anti-spam product manager at Yahoo.

E-mail administrators will have to install a software plug-in that supports DKIM on their mail servers, but the change will be easy to implement, especially for domain owners who have already set up DomainKeys, Libbey said.

Leading e-mail server makers such as Sendmail Inc. are pledging to release DKIM plug-ins for their products.

"We wanted to make it as easy as possible to make the transition from DomainKeys to DKIM," Allman said.

DKIM could become a widely accepted standard for securing e-mail communications and thwarting e-mail forgery and phishing attacks, said Jim Fenton, distinguished engineer at Cisco and one of the authors of the new specification.

"A lot of people in the past have said the future is to put cryptographic signatures in [e-mail] messages. So were trying to present the future here. And we believe the future is now."

The announcement comes as leading e-mail experts are gathering in New York City this week to encourage organizations to implement e-mail authentication technology such as DomainKeys, or Microsofts SIDF (Sender ID Framework).

Click here to read about the Sender ID wars.

Fenton and Libbey acknowledged that unveiling the DKIM specification on the eve of the Summit could complicate matters because DKIM isnt ready for deployment, though it has been tested in three trial deployments by Sendmail and Cisco to shake out problems in the specifications, Fenton said.

"Is DKIM available now? No. But enterprises should start planning for it and start putting infrastructure in place to use it when it is available," he said.

Even when it is ready for deployment, DKIM will be one layer of a multilayered solution for problems such as spam and phishing that also includes SPF and SIDF, Fenton said.

"Its like trying to stop crime, said Libbey. "Its silly to have locks on your doors, but no police force. You never want only one defense."

Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.



  Reader Comments: New E-Mail Authentication Spec Submitted to IETF
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Paul F. Roberts
 


x}r8s;W1ŋK-֔my,Uyc#IlS$lz'ˉ.KlWmDf"H$~ ogOD01pE1>zΤ.?|ߛF0TEK Ϡ^-ȐZC}wu9k!;#|6%?|w *s=NNK&OV`N]ٜc7h2 X- (kzZC'Ajw(CJ}8KE!@|2Cַ(>r@oT| pTƦ;=az5EhDԸ#|x\w?ȀYǝF {.Q^Z ,gx 4b'*cO^3lcㅰ A-c9p<^- G7J3v'u٪b'ӤbfHÑcPwXS.HVfFԴ;gu[gb]ױ}ǣ# 3Cv?ĭP If% a5g?LG`B'lǦ" 'm_j|sfq@fnrdHU ~cn! :t<=0;DL<:/yÙ6mަ2Qukeu}uHu|vtn ,3sAT4 ̠K`W:+9jqsҼyi_6;7]rҹ&֗qՙyN0p3 ZZ~`Ck'ޮC"wA<0MߑҾ>"3^$>IN±,7{Mϳ90o-Yn]H.)޵T|Y|ěy#0ri4(߆A@[@ k+:YK70S_f]-w za4Z@Lt&h)5?&1gMab&DJH7Ӕye $}ВEtBAͨ8 .)J!"xN3ˌE !\J!]! g|8Jn.b?_5 .Ӱfeٜ҅%]Wa oQ#L .ϱV$ݫe.ZnS3G#вnZs榣V)ǦcWJPX=,‹ʾb(7Z`Lm,5,LtϬ Y0` i vzէ!>RÜMkݶOCGs>H2胎6ml-ÉIXn`vth7X(=cOgv/|\aPn-탉j$>6(Zχ`c˦M@B9{ǻޚB<QЁ4}aqjQ]*~3=w= P X.s 6G~>0-0!%6A\IQ?z dQJ ds 4.gP)AH = 99 Ŋ|?#!bTLZ'9Tt{B#;}Tz(΍gR1eb -d[b~Il eV&vpbB|#'bXr`Y \h+i)!4ÃiА4XĹǦ笳Z&5T\'ޒN86̜07ÚL ~Dg艉m>`4fs)wdm˴o)TЛv39n(!+hWY 2cdRU';oW f4ݤ|r%e{Rr=""ǰ}_7>DL)^HIRЙj!@9z٧l)?ΖuVkͲG{_No6Ҟy4 m {g@x dlK/,:+c:JK_jihH*6@\X1,# %Σ?0Z'mGwla=5G0_ܰ킡K*+'G,-s9Za5sV@@@7ho`*.m^'Vޱu<| ]=r367?C<<fRq'ӠIa e ֤ԪLM>kQ@_ƅ/c%|o2rl\:|ꚺ8/- 'uaGlHss4&uE8` ;DzۃӜh2F ÑiHuߴc#R XO%}T5&QȺ='a(Juѧȅi s M~NV hPQ1 "I9Ou/F#O~̧^ۨalEk 5o` 12l3u&/zr:آgs|eLZմlxTaWJ$z`LF Zman0L{3N۩6{1 ";&Ԧg>jאj8yn)crdl-qVY=w7䪢-Ï>ޭlF'F vo(0f4fӤ-Rxsֹe=UN_1"ڟskh豸2] QB|ڵ`LaMS؇b_@T_-5k7k"X쵿KCbQD h^{p ZN:ӁZFB-š8k*rWo鸙 y@<sUJ ̿-X`c1s*? << Rglg^a+w22Owž_FpapgH\OU۶A9Tb1JiRx` fΔzlh_e7UE=ݠ1p Ju氤'v ˽'jD@KYJ7᭬j}UNJZZ$t`1۳<%8tpL\'eM=Js5{um?L7 xG ?ws~̾n02Frl VVJroȅi#uL)ji =B$rMN6[_-Java *s>P9ɷwnh‰mCXx|{ `?K{c, ,"zдR=.=2fV(Yŵ?~hhqL ^\}ۅ^?hUeabE1 wcyKV~ZgZqRYtW%pnHAc'˞tҸh=3>L{̾~xfmڝ {HZӳ^}܇/5.HftH`)/-~61z˾NIM$(Xq4qs'^Y{{h6ۗ5a>;oF"$ _9z q}ھ_>wQCr޾lI^z+փ w"y%9!hUHV:<fShmƛ&akCK#fWDH[h!uu͙b9kI.Dz=d_5g0õh4&l귝/ؿ+[̚_fĄBAJNy(@RPOh[#ykt$;3Ğw=Ih!:Uaҏ"(BS.iDO§,:\78Sj6џ}AFJNnVZ-[N7S+t,'GD_q-5sz4~& \1Z9nl!=B2^'68]h)9IBEa]Zinu zs@&aP;DZ3pu*h hw-SsS)dAGJ脊fye5))eH5NRMLC]OC/%$;kB:zs ݫgaM6mn3j/Nn_"GX ;[ .ViH0_Ӹ\b赏D XY+oxta}XkI-jշΫ؉C6OY`09˫b~]ȩ_ugj̣{mDi:n;GQ =dZnW8Z7𿲜\ta_}c|۷=sF'5\;>'cv,QNxqf=;0Gst7Xpg-;oCĆ'wj 2'|?Gdc: M"I^U֩UdU)I]YDG㳑)G8b[`@L6COځ{-3(!GoC]j~l]s!TxBo~=ˤa2]a{*{w}wo]VZtC.q@1&d/.)%E 5 OKt1ڬ/ۥ{HkYXxlQ;Wg Ok O=pԲ؉ǣyxyg>,d9a}430[˱=Ιd<J;moݍnL M A;"J [4 2UCnC_:Z1iE0pDa~o1֢${ |o(o&򽡎xk4) kN7C_bJi{\naa0^> <"s(ı߂KݤCƧSӆUe[CY=_2fVT]P=w[Qvjsob#&=A/"QoBxvMt߭?1} #Ȓnұc2?Ģ짉h|"8|ѭV-٭?WDc*wSl J U<1ac<ߙ3sWǣ|Ed1| R5DN1%*׷\ ֥Ctyn/L"rRc@[YxHN]!~?rML)kk5 h]6; =6ZnDd\GNl<>:J&d(΀{,S|Xz({P>N|81paRhςβ @>sB,`zPW?G"[ܲ6-`zId`2#~Խ] zE"0?  vE!i0 yL]tq-OSV&Q 6stﮊۭ"'ωz%^y>3J7-ԝyw{RTV3A87tLmΖ؇ol}Ӛ[1;IMLօnZ %k4$x(]e0L'- ,A a-⚲%Mٔk/51<茘I]gW T*jYhDj -񍑭oZsKUSqS)=iDic\^H3so & Tj00+C/pбch/d %  AƌYKZ T TRԟV|X6+lf#@pBG M/4OKDDm,8חmi x gN&]qg9%OHZ )`jm񤮃Yo3 ,ǹE<2 #0l1a="{l;7 S^s&\> v^>&&חmF/dv۱R([a|T{=T+&dG/7Y}cNM [Lj嬸71=Cʅ+݃) ZZ?J< Ax$n͔͡  z{c}i44Uqk+}W9<^# #ȡVXRe)XQprqᵹKmLqtS6e&|VyoDM1% Mmm@ɷӯC\yiz_LbHOn}inEn:Kz0Y?R;3*i%XXC;z-apn=cz wgS#"oʆRzm}*p$XXs=u=enMQ(Et;ëD^yAh$ +R)A'7p8 ڵ10ƫR 4r¼6te& a^c|IBehSZ;-۟aOEnRf{EJ Vk6}bv!f1m~I{]E?Mj}o/-7C$knt7aWK T#s ` $Pĵ$%STԟ]! JS$Y::FR0уP@@_33@ 鈒țaQ D~.$u}CrDZ7k[8 (oɑ11qg~oR2U8D_lKla /쬐2ޏYU} t(sQsn hHA;1Lj1+l/W˜le *#("s&USISo=`²HdR*͍ 4M׉oEu:V\4N3=AS6@;v}IhX6կxb< \D7{`hŗ]qܿ v[ĔkSnzTb {fy@SkkH.TRs Z!ߤeOa5;4|6Zzzl/XHoif-e։5CV$4+L4s+){(Yy7{*rpD{cн>u]<Χ;4)PT_5?}r闶Q0$ȣ)Ie^죆e- I¼4b'6^4bd= T?^<9G&! aU@ a'76s^m6Նa]=G?\=eO) x痂}-Ҫ=ėq}L集΀g {#9>^kkݰ PAgt~D)޷|̒fSxY f0 o?P}dɟwbnc䭼ĕd?~܉2ٓp~N>&>y^HocVxpSD[x?̝oSǝ@ S,ݼxr/K`7R eevךQN|l:.z*juo3 DQ\h#)5|5X{#|rڧ  xA w)> 6V8>䀲el>1v%1h}PR #;%1Y{=c>{6~6#uT]QS[W׬Z3o?[+W#rd! `,%7vy񡏉pD]bɠC:^PZ6`;TPs\m.MEfAȢiW\1^U}ub?=G/ttAk-c"]J1xy[Ò+5fL1P;qU6'a3LyM13цX50~fDZGav̈́7|W@O[jkwfhDPUd.IdtlQOa)oc,]wK)b7#{ա[Kx6_j~R.gI* Eq.Jd @@pf`2'chjjP)ÿCrz~@y^iwqݓǎV5U*嘔QVT8g0(Urs я6Xeec=Hmy1~RI+-ݳa8n!EWS(q|->"AdӃtNO^kQ gL!l9 c=ZF]Meik)q O $-<" @WDu#i!DI+vl"mknnBzT6P{y|1~"js~ s1),9+s{ xfVؖTm}qV.$%n蜜n1Evot KYV?o J=9`Vޏ1ois\ ⺦J ]0] aLobD )m2F Oc+ӘP3{3_+@JLB(fYiv' ?]OpYxAE1K= p.ʔkg1l*Kv!߰,VIm{7R[ Eꊍ\DQ`-nhM뵮aC;3&2Cߑ7ŭ>giaJlƃ)~É ANxl0W)^2 s\v 'кlɧtC!ᘭ#!+^bΑrֺt}UCR/3O0 枩NHFTdL4B&(qTi+$K4n߳e-4W )WPx r##v(CdQLG|LBz،\{ݾ嘫7ο5iVt?uWv;7xZѷptԭsi~=\}=i_ۗ\hT湾L۝%,C rrٸh1;eFq(E1B*rK xU< /%Lqx&)I{PJTٌ/!jbTթ0 W?fy uղpڽПxu3K_L;FS /=uR\js@1@C|m{sCx_m;gO@/P~(@y'9 4h2ʏx} $>ӌ~ڹY{}yпvF?Ӿ(3fy|s_d/}/2{ȠE^^d'e_KFeQ~0{ s!?0~ׁw2?/ rqWU?wn=^ \_s}/Yߗ doʁo2ڿh&s$eCPȐ.Np2KQʠ/ޯt𞫫i@Lwy}³2پGh D,s e%Hi_1\n>_aч^Vտf0~uʞ^ e8mlZ+O>j*85ߜ:S?,RK|c ,>wa45D =C9}34]M7nޣ97wƎ3 P7CɹT.jZQo\)Uʹw俑k$2^\GfDdU*[R0X\^9Q(Fuo*K0nhy=q̐ga1VJ!'\Cxk^mf;B _||mBfpZT;i@18L,(sTY\FlOBfVx˗3Ϩ^ocƥ 6%dή1vkB'm/dh™x,O~f+g  تGШsc)ga  Lg^]F.t7J\șP=wP@>DBeD˺U&b)lLu E!Cjϗ53:aKƈ DMKIn_!mx'GY8Erly061wH"KzU8h0 8[]l>9G/iwqmX?apNdRI7W;`51ꬸߥפ`Dy-]Nd~ 9R)m&Ĵ`Ջ0a6틷D#&[~Go"9ţ*aѾ(Ye9d8݈qef~%*WǯD|݆-g ,<T#0?f􇺅ӳLWm(bWuu;Lђ'/TB# l+k Id' b]r(pIi/1S/q?Ih"v]!6 R Ň%?1={`;.lt> a0Vn@΋_BDO֤-އK`b?94vB9 H|\k,##1苌Y Mc) B8Ʉ44,Nd=:rzMʨoY 7wVX#e i_1QFӾ"]ǚ V]??>V@3;f Kǣ,h :BQfwai ,@<`oȲsL ALH\>oz^DltΆb'_IQq1^R”smqSunnhc~EE `A^ⲁe"=` sm#gTt r!,NNL[e.Lc(ŬBCd=)O4'[nIG\k<`iЀΧ^p멎TU|J6A1^7)Ku!A]=_vs[>/'R`zQ[`+슧p ?dtE#bSp!@>pE:MepvR ?93_-rxgs個@DqDgPyGml<^|:y-EOfuG-֝ ,ӟ~HǶI$`:+m˕bA,\n2?>Şi#$W @ ](ۊnFTU^X (K# L{EN8u얢UnD{zw1G[0tczcƫRdGB~DdagZ-*?҂g' Q\F$30(ylHK9m5g0X1'(R9(t0 'Ɣ ϰ"- sWexDh\wL㡺_[zV~LʙcaPֽk xٚջHR#.I|҃!gnh]1fnBO .&DW6K54Ƙb>Y{&L 92lt* X>ˣŬ"D0Ȯ'Z:tsh;h[3THهl*~&o,{k+нTnxFK-^P?Q> χ"@Ԃ+"e})ID~y)/π/(83}E.t!f07Nw6̈́ В^&Ůvbe}%w#