fyi: DOSETA proposal in DKIM WG

Just fyi, since various folks have mentioned thoughts wrt using a DKIM-like 
mechanism to integrity-protect HTTP messages -- there's emerged a proposal 
amongst DKIM folk to split the DKIM spec such that spec re-use of the 
fundamental DKIM message-signing techniques is more feasible. Salient msgs 
included below (with ptrs to relevant new I-Ds).

This work isn't adopted by the DKIM WG -- they are debating whether they wish 
to adopt it, and if so, when (i.e. in lieu of the present 4871bis spec, or 
after progressing the present 4871bis spec).

=JeffH
------

Subject: [ietf-dkim] Proposed documentation split between DKIM and "DOSETA"
From: Dave CROCKER <dhc@dcrocker.net>
Date: Fri, 07 Jan 2011 12:58:02 -0800
To: DKIM Mailing List <ietf-dkim@mipassoc.org>

Folks,

Here's the proposal that Barry just announced, for splitting the DKIM
specification into a DKIM-specific portion and an underlying, more generic
portion that could be re-purposed for other services.  Its current working
acronym is DOSETA.

Note that when combined the two documents would produce a DKIM protocol that
is over-the-wire identical with the current DKIM[1].  In other words, this 
exercise does not change the DKIM protocol at all.  It merely re-apportions
the documentation for expanded use...


d/

[1] I should acknowledge that things are moved around massively, and that this
effort uncovered some hiccups in the existing DKIM document which are now fixed.
But again, no protocol changes.


--

Subject: [ietf-dkim] DOSETA-based drafts now available
From: Dave CROCKER <dhc@dcrocker.net>
Date: Thu, 13 Jan 2011 22:51:59 -0800
To: DKIM IETF WG <ietf-dkim@mipassoc.org>

Folks,

The two drafts based on the idea of DOSETA are now available.

They were done as individual submissions, rather than working group submissions,
because they are not currently adopted by the working group.

d/



-------- Original Message #1 --------
Subject: I-D Action:draft-crocker-dkim-doseta-00.txt
Date: Thu, 13 Jan 2011 22:15:02 -0800
From: Internet-Drafts@ietf.org
Reply-To: internet-drafts@ietf.org
To: i-d-announce@ietf.org

A New Internet-Draft is available from the on-line Internet-Drafts directories.

	Title           : DomainKeys Security Tagging (DOSETA)
	Author(s)       : D. Crocker, M. Kucherawy
	Filename        : draft-crocker-dkim-doseta-00.txt
	Pages           : 59
	Date            : 2011-01-13

DomainKeys Security Tagging (DOSETA) is a component mechanism that
enables development of a security-related service, such as
authentication or encryption, with keys based on domain names; the
name owner can be any actor involved in the handling of the data,
such as the author's organization, a server operator or one of their
agents.  The DOSETA Library provides a collection of common
capabilities, including canonicalization, parameter tagging, and
retrieval of self-certified keys.  The DOSETA Signing Template
affixes a signature to data that is in a "header/content" form.
Defining the meaning of the signature is the responsibility of the
service that incorporates DOSETA.  The signature is validated through
a cryptographic signature and querying the signer's domain directly,
to retrieve the appropriate public key.

A URL for this Internet-Draft is:
<http://ietf.org/internet-drafts/draft-crocker-dkim-doseta-00.txt>



-------- Original Message #2 --------
Subject: I-D Action:draft-crocker-dkim-rfc4871bis-doseta-00.txt
Date: Thu, 13 Jan 2011 22:30:01 -0800
From: Internet-Drafts@ietf.org
Reply-To: internet-drafts@ietf.org
To: i-d-announce@ietf.org

A New Internet-Draft is available from the on-line Internet-Drafts directories.

	Title           : DomainKeys Identified Mail (DKIM) Signatures -
                            Over DOSETA
	Author(s)       : D. Crocker, M. Kucherawy
	Filename        : draft-crocker-dkim-rfc4871bis-doseta-00.txt
	Pages           : 28
	Date            : 2011-01-13

DomainKeys Identified Mail (DKIM) permits a person, role, or
organization that owns the signing domain to claim some
responsibility for a message by associating the domain with the
message.  This can be an author's organization, an operational relay
or one of their agents.  DKIM separates the question of the identity
of the signer of the message from the purported author of the
message.  Assertion of responsibility is validated through a
cryptographic signature and querying the signer's domain directly to
retrieve the appropriate public key.  Message transit from author to
recipient is through relays that typically make no substantive change
to a message or its content and thus preserve the DKIM signature.

A URL for this Internet-Draft is:
<http://ietf.org/internet-drafts/draft-crocker-dkim-rfc4871bis-doseta-00.txt>






-- 

    Dave Crocker
    Brandenburg InternetWorking
    bbiw.net

Received on Friday, 14 January 2011 22:02:45 UTC