DKIM Summit

On Monday we had the DKIM Summit meeting in Santa Clara, CA. The meeting went excellently, and I think it was very useful. Apart from its being a "pep rally", with both executives and techies encouraging attendees to jump in and implement DKIM, the meeting also gave implementors a good way to get started. We did an overview of the technical specification, and answered questions about that. People who have already implemented it talked about their experience. There was a panel discussion of products that include DKIM support today. And for the future, we had a panel that included companies that run accreditation services, talking about how those services will soon expand to benefit DKIM users.

I want to repeat here a message that we're giving far and wide, and which I repeated a few times on Monday. Some have already implemented DKIM, and some plan to do so soon; some had already implemented DomainKeys and are waiting for DKIM to get through the IETF process before switching to it; some have implemented neither yet, and are waiting. The message is this: the specification that we brought to the IETF, which was published as draft-allman-dkim-base-01 (we're calling it "allman-01" for short) is a stable version that we want people to implement while the IETF version is in the works. When the IETF version is stable, and we're ready to encourage deployment of that version, we'll let people know. In the meantime we'd like to have the community settle on one deployed version, to avoid instability and interoperability problems with implementations done from different versions of the spec. That version is "allman-01".

The second part of that message is, "Don't wait." We'd like to see verifiers go ahead and implement DKIM now — add it to your DomainKeys implementation if you already have one, or go ahead and start with DKIM if you're just getting started. Signers, similarly, can start with DKIM, or can add a second, DKIM signature to an existing DomainKeys implementation. More experience with this will help us finish the migration from DomainKeys to DKIM in a short time.

After the main meeting on Monday, the document authors got together separately, discussed the open issues with the IETF versions of the threats document and the base spec (see links at the bottom of the charter page), preparing for an upcoming "last call" on the former, and another burst of work on the latter. Both documents look solid, and it's gratifying to see this work moving well.