SAN JOSE and SUNNYVALE, Calif., July 11, 2005 - With their shared commitment to bringing new, interoperable solutions that combat e-mail forgery and protect the value of the Internet for customers, Cisco, PGP Corporation, Sendmail and Yahoo! are submitting the e-mail authentication specification DomainKeys Identified Mail (DKIM) to the Internet Engineering Task Force (IETF) for consideration as a new e-mail industry standard and to help enable industry-wide adoption of the technology. Now available as an IETF Internet Draft at www.ietf.org *, discussions will begin on standardization of this unified e-mail authentication proposal at the 63rd IETF meeting in Paris, France which begins on July 31, 2005.
DKIM is a signature-based e-mail authentication proposal which is based on Yahoo!'s DomainKeys e-mail authentication technology and Cisco's Identified Internet Mail. It provides e-mail users with an additional level of protection against e-mail forgery, a tactic often used in phishing attacks. DKIM was developed so that businesses and consumers will have a stronger, more accurate means for identifying legitimate e-mail messages. DKIM provides transactional institutions added brand protection by giving consumers increased assurance of the legitimacy of the e-mails they receive.
DKIM is the result of the ongoing commitment from numerous industry players to develop an open-standard e-mail authentication specification, and industry collaboration has played a critical role in the process. Industry leaders who played a valuable role in furthering the development of the DKIM specification include, Alt-N Technologies, AOL, Brandenburg Internetworking, Cisco, EarthLink, IBM, Microsoft, PGP Corporation, Sendmail, StrongMail Systems, Tumbleweed, VeriSign and Yahoo!. The participation of these companies have been instrumental in creating this single, signature-based e-mail authentication proposal. The authoring companies will continue to work with these organizations and the IETF on the standardization of the DKIM specification so that industry-wide agreement on the best method for validating the identification of email senders can be reached.
As a demonstration of the maturity of the DKIM specification, three independent implementations from Alt-N Technologies, Cisco Systems and Sendmail have been shown to interoperate successfully. These tests have provided a means for testing the DKIM specification and will form the basis for further testing as new implementations of DKIM are developed by vendors and service providers.
"We have had the pleasure of working with thought leaders in the industry in developing the DKIM specification," said Jim Fenton, Distinguished Engineer, Cisco Systems. "By publishing a specification that has had multiple interoperable implementations and considerable multi-vendor contribution, we hope to expedite the process of IETF standardization so that adoption of DKIM can contribute to a solution for e-mail fraud more rapidly."
"Yahoo! is committed to protecting its e-mail users from phishing and other forms of e-mail fraud. With DKIM, we're helping other e-mail service providers, ISPs, financial institutions and e-commerce companies to protect their e-mail customers as well," said Miles Libbey, anti-spam manager at Yahoo! "We look forward to continued industry collaboration on DKIM, in an effort to create an open e-mail authentication standard that is available to the industry-at-large."
In addition to publishing the DKIM proposal via IETF for open industry discussion, the authoring companies are committed to licensing this technology royalty-free to the industry-at-large. As with all IETF proceedings, interested parties are encouraged to participate in the upcoming IETF standardization effort of DKIM.
* Once submitted to the IETF, it takes a few days for the IETF to upload the proposal to the public Web site. To find the proposal, visit http://search.ietf.org/ and enter the key word DKIM.