[Ietf-dkim] Fwd: New Version Notification for draft-crocker-dkor-00.txt

Sat, 19 Apr 2025 01:18:56 -0700 

Hi.
I've drafted a specification intended to provide a DKIM-based means of controlling DKIM Replay, based on community discussions of what is needed.  The spec also includes the return address coverage that has been discussed, though I am not yet clear enough about its use to have attempted detailed explanation of how it works. 


As with most initial specs I do, I believe the design is reasonable, but 
am quite sure that the details will be somewhere between deficient and 
terrible.  Please adjust comments and suggestions accordingly, with 
attempts to avoid declaring the mere fact of either condition being 
appreciated.


d/

-------- Forwarded Message --------
Subject:        New Version Notification for draft-crocker-dkor-00.txt
Date:   Sat, 19 Apr 2025 01:11:11 -0700
From:   [email protected]
To:     Dave Crocker <[email protected]>



A new version of Internet-Draft draft-crocker-dkor-00.txt has been
successfully submitted by Dave Crocker and posted to the
IETF repository.

Name: draft-crocker-dkor
Revision: 00
Title: DomainKeys Originator Recipient (DKOR)
Date: 2025-04-19
Group: Individual Submission
Pages: 7
URL: https://www.ietf.org/archive/id/draft-crocker-dkor-00.txt
Status: https://datatracker.ietf.org/doc/draft-crocker-dkor/
HTML: https://www.ietf.org/archive/id/draft-crocker-dkor-00.html
HTMLized: https://datatracker.ietf.org/doc/html/draft-crocker-dkor


Abstract:

DKIM associates a domain name with a message stream, using
cryptographic methods, to permit reliable and accurate reputation-
oriented analysis of the stream. It is possible for an authorized
user to conspire for additional distribution of a message, leveraging
the domain name reputation for promoting spam. This is called DKIM
Replay. DKOR defines a means of limiting that ability, by
associating original addressing information with the message's DKIM
signature, to detect distribution beyond the intended recipient.
DKOR uses existing DKIM services and only requires implementation of
the additional DKOR requirements by the signer and any receiving site
wishing to participate in DKOR services. Other DKIM receivers can
process the same DKIM signature without knowledge of DKOR.




--
Dave Crocker

Brandenburg InternetWorking
bbiw.net
bluesky: @dcrocker.bsky.social
mast: @[email protected]

_______________________________________________
Ietf-dkim mailing list -- [email protected]
To unsubscribe send an email to [email protected]






















					Reply via email to