Use of PKIX Certificates in DKIM

Document Type Expired Internet-Draft (individual)
Author Phillip Hallam-Baker 
Last updated 2005-09-09
Stream (None)
Intended RFC status (None)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document describes a mechanism for using X.509v3 certificates that comply with the PKIX profile with Domain Keys Identified Mail (DKIM). An email signer MAY inform potential relying parties that a key described in a DKIM key record has a corresponding PKIX certificate or certificate path by means of an attribute in the key record that provides the URL of the certificate data. An email verifier MAY choose to make use of this information in deciding the disposition of the signed email message.


Phillip Hallam-Baker (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)