DomainKeys is a project begun several years ago by Yahoo as a way to fight phishing and spam; the Identified Internet Mail project was begun by Cisco.
The DomainKeys project was particularly innovative because it specified the use of domain names rather than IP addresses to authenticate senders, Crocker said. DomainKeys also used the existing DNS (Domain Name System) to transmit the public keys needed for encryption, rather than adding yet another infrastructure layer.
An informal consortium of about a dozen IT vendors and organisations, including Yahoo, Cisco, EarthLink, Microsoft, PGP, StrongMail, VeriSign and Sendmail, have met for a year to create the new specifications for DKIM. It was first submitted to the IETF for consideration as a new email standard to fight phishing and spam in July 2005.
To make it work, DKIM now has to be adopted and incorporated by independent software vendors into their email applications and related infrastructures. Paul Hoffman, a director at the Domain Assurance Council, a trade association for the domain reputation industry, said he believes email service providers such as Yahoo and Google will lead the way.
"You're going to see a bunch of adoption from the receivers within the next six months, and that will spur the senders," Hoffman said. "Once the receivers are saying there's a higher chance you're going to get white-listed, the senders are going to say, 'Great, sign me up.'
"As far as we can, tell all the major [email services] are very interested implementing it," he said. "We believe from what they've said that all of them are going to include DKIM fairly high in the list of white-listing technologies."