« Vern Paxson to Step Down from the IRTF A new PAC for solving the IP issues »
Gmail Starts to Use DomainKeys
Posted October 17, 2004 – 8:12 pm by Yakov Shafranovich in Spam and EmailAccording to to a post at IETF’s MAIL-SIG list by my old collegue, John Levine; Google has begun to sign outgoing email from Gmail with Yahoo’s DomainKeys signatures. This is the first large provider of email that is actually doing so (not even Yahoo has started that yet). A quick email sent from my Gmail account came with the following header:
DomainKey-Signature: a=rsa-sha1; c=nofws;
s=beta; d=gmail.com;
h=received:message-id:date:from:reply-to:to:subject:mime-version:content-type:content-transfer-encoding;
b=eIN1QIuyXhq8oE9uIidZL5c/U4TjKUo3dE5ukqwB2Zd3LZ656qy1/
lPSDMEH9HcHUlmUCnjTXT6cgCoyb5p7Lfta9ywIV1Tym3dVS4gtQqvvEj
Oh6g2w2AOydQ8hlXHj1xupca7MCpVDC2YXVvSA3bz0uPCNHWgFsQS
AoqTWC9w
A DNS lookup pulls up the public key:
]$ nslookup -query=txt beta._domainkey.gmail.com
Non-authoritative answer:
beta._domainkey.gmail.com text = “t=y\; k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC69TURXN3oNfz+G/
m3g5rt4P6nsKmVgU1D6cw2X6BnxKJNlQKm10f8tMx6P6bN7juTR1BeD8ubaGqtzm
2rWK4LiMJqhoQcwQziGbK1zp/MkdXZEWMCflLY6oUITrivK7JNOLXtZbdxJG2y/
RAHGswKKyVhSP9niRsZF/IBr5p8uQIDAQAB”
UPDATE: After a check against the current DK spec, it seems that Google’s signatures are invalid since they are missing the “q” parameter which is required. Additionally, running the messages through Yahoo’s DK library come back as bad signatures. There is still plenty of work to be done on interoperability.
Digg This Share This PostTags: dkim, domainkeys, gmail, google, yahoo
Permalink | Trackback URL | This post has 548 Views
Sorry, comments for this entry are closed at this time.