Message Authentication Signature Standards

Document Charter Message Authentication Signature Standards WG (mass)
Title Message Authentication Signature Standards
Last updated 2006-01-26
State Approved
WG State Concluded
IESG Responsible AD ** No value found for 'group.ad_role.person.plain_name' **
Charter Edit AD (None)
Send notices to (None)


Several proposals have recently been published for the signing of 
messages,primarily email messages, to deter source address spoofing.  
These include:
        DomainKeys, draft-delany-domainkeys-base-00.txt
        Identified Internet Mail, draft-fenton-identified-mail-00.txt
        E-mail Postmarks,

While the prevention of message spoofing is also a goal of the MARID 
working group, cryptographic approaches to this problem are explicitly 
outside the charter of MARID.  Nevertheless, many that are familiar 
with the address-based authorization approaches MARID is considering 
consider them to be an interim step until message signing is deployed, 
or as a complementary technology to be used along with message signing.

This BOF (and IETF Working Group formation, if there is sufficient 
interest) will focus on standards for message signing, including:
 - Signature format (syntax) and binding to message source dress
 - Key management procedures
 - Selection of message content to be signed (headers, etc.)
 - Mechanisms for minimizing breakage as messages pass through the 
 - Operation of message signing in concert with address-based