Jeremy Zawodny notes that Yahoo's DomainKeys proposal is now public. Here's the Internet-Draft; here's the blog chatter as seen by Technorati.

In the blog introduction to my story on sender authentication schemes, I included some clips from an interview with Sendmail Inc.'s Eric Allman. Here's another excerpt, in which Eric discusses the issue of roving users. Although DomainKeys can potentially deal with this case -- by mapping its DNS selectors to individuals -- he notes that you're better off making an authenticated connection to your home MTA, if not through a VPN then by means of port 587 message submission. Here's the Internet-Draft on that topic, which Eric co-wrote and hopes will become a BCP (Best Current Practices) document.

Eric concludes this segment by saying that, for the first time in a long time, he's "cautiously optimistic" about doing something effective against spam. Likewise, I'm cautiously optimistic about the long-term value of publishing keys in the DNS. The DomainKeys scheme initially maps keys to organizations, but has the flexibility to map them to individuals as well.

Former URL: