As a commercial implementer and acknowledged contributor to the DKIM
protocol IETF project, with some reservation, I would like to add my
support for the promotion of the DKIM protocol to Internet Standard (IS)
status.
For the record, I would like to state that there still remains
inconsistent reputation modeling of DKIM that has not paid off. DKIM
processing has offered no value in message evaluations. No persistent
or consistent trust framework ("Batteries Required") has emerged for
MTAs, MDAs, MSAs, MUAs or any other DKIM processor. In fact, the higher
potential model (Author Domain Policies) which was intentionally
separated from DKIM continues to be the trend in currently explored
augmented protocols to help protect the DKIM signature layer. Author
Domain Policies such as ADSP, and extensions ATPS, ASL and now DMARC has
emerged to provide signature protection and handling guidelines for
domains and receivers. This Author Domain Policy framework is not
depicted, by design, in the DKIM proposed standard protocol. However,
it is depicted in other RFC documents, such as the Threat Analysis
(RFC4686), DKIM Deployment Guide (RFC5863) and the DKIM overview
(RFC5585) informational publications. Perhaps some update in the future
can correct this design and market inconsistency and explicitly provide
knowledge of the alternative frameworks available for DKIM.
--
Hector Santos, CTO
Santronics Software, Inc.