DomainKeys Identified Mail: Difference between revisions
Jump to navigation
Jump to search
imported>David MacQuigg (stub article) |
imported>David MacQuigg (add intro) |
||
| Line 1: | Line 1: | ||
{{subpages}} | {{subpages}} | ||
DomainKeys Identified Mail (DKIM) is an [[email authentication]] method using a [[digital signature]] added to the the [[Email message headers | headers]] of a message. The signature provides strong assurance that there was no alteration of selected headers or the body of a message at any point after it left the signer's domain. | |||
' | The signature can be verified by doing a [[DNS]] query for a [[public key]] in the signer's domain. Thus DKIM security depends on the distribution of public keys through DNS, rather than through a [[Public key infrastructure | Public Key Infrastructure]]. | ||
Verification does not depend on IP addresses or the path a message followed from signer to verifier. Thus DKIM avoids the [[Email authentication | forwarding problem]] seen by IP-based authentication methods. | |||
Revision as of 11:21, 12 October 2009
DomainKeys Identified Mail (DKIM) is an email authentication method using a digital signature added to the the headers of a message. The signature provides strong assurance that there was no alteration of selected headers or the body of a message at any point after it left the signer's domain.
The signature can be verified by doing a DNS query for a public key in the signer's domain. Thus DKIM security depends on the distribution of public keys through DNS, rather than through a Public Key Infrastructure.
Verification does not depend on IP addresses or the path a message followed from signer to verifier. Thus DKIM avoids the forwarding problem seen by IP-based authentication methods.