Yahoo and Cisco to submit e-mail ID spec to IETF

Yahoo and Cisco will submit an e-mail authentication spec to the IETF on Monday, hoping it will become a standard.

Yahoo and Cisco Systems plan to announce Monday they will submit their e-mail authentication specification, DomainKeys Identified Mail (DKIM), to the Internet Engineering Task Force (IETF) to be considered as an industry standard.

Discussions on DKIM will begin at the IETF meeting in Paris scheduled to run between July 31 and August 5, Yahoo and Cisco officials said.

DKIM combines Yahoo's DomainKeys and Cisco's Internet Identified Mail, two e-mail authentication technologies developed separately, which the companies announced in June they would combine with the intention of licensing the resulting specification royalty-free throughout the industry.

DKIM is designed to give e-mail providers a mechanism to verify the origin of e-mail messages and thus combat spoofing. Spammers use spoofing to change an e-mail message's header information to deceive recipients into believing the message was sent by a known and trusted personal acquaintance or a legitimate business, such as a bank or an online store.

Very often, spammers' ultimate goal with spoofing is to trick recipients into revealing confidential information, such as social security numbers, bank account information and passwords, in scams often referred to as "phishing."

Yahoo and Cisco are designing DKIM to be as compatible as possible with DomainKeys, so that migration to DKIM will be smooth for organizations that have already implemented DomainKeys, said Jim Fenton, who holds the title of Distinguished Engineer at Cisco.

"We have made a real effort to preserve the investment in infrastructure that people who have implemented DomainKeys have made," Fenton said.

Cisco announced its Internet Identified Mail specification in June of last year, but it's unpublished, so there have been only three prototype implementations made: an internal one at Cisco and two external ones, Fenton said.

The companies decided to combine their cryptographic technologies because they found them to be very similar and "we didn't feel we needed to have two technologies that did the same thing," Fenton said.

DomainKeys has been more widely tested and adopted, and Yahoo receives about 350 million e-mail messages signed with it every day, said Miles Libbey, Yahoo's antispam product manager.

More about: Cisco, Cisco Systems, IETF, Internet Engineering Task Force, Yahoo

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the Computerworld comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Whitepapers
Latest Stories
Community Comments
Whitepapers
All whitepapers
Sign up now to get free exclusive access to reports, research and invitation only events.
Featured Download
/downloads/product/170/gadwin-geforms/

Gadwin GeForms

GeForms allows you to create your own forms or fill in existing forms electronically. Using GeForms you are provided with sophisticated form design tools which ...

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia