News

Dutch Ministry of Economic Affairs donates 0.5 million to "Internet Hardening Fund" 2016/12/16

Vietsch Foundation and NLnet cooperate in internet R&D for research and education 2016/09/28

Third edition of 'Holland Strikes Back' 2016/09/01

RPKI-RTRlib contributes to secure interdomain routing 2016/02/15

 

DNSSEC-mail

[DNSSEC-mail -- concluded on 2013/04]

Until recent developments of domain name authentication, Internet mail has not had access to scalable mechanisms for validating an identity associated with a message. Any identifier could be used fraudulently.

The Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) are relatively new technologies that create a foundational change by validating domain identifiers. However they are only the first step. DMARC takes additional steps in allowing domain owners to publish statements about their email use of their identifiers and DMARC facilitates much easier operational reporting from mail recipients to domain owners.

Thus this project will improve use of DNSSEC in the email security space. Two major upcoming applications will drive this:

  1. DMARC which relies on the DNS for advertising policy information.
  2. Domain-based reputation system that relies on DKIM, which in turn relies on secure DNS use to advertise keys and polices.

OpenDKIM includes DNSSEC support via libunbound of NLnet Labs.

Run by The Trusted Domain Project, USA.

Calls

Send in your ideas.
Deadline June 1st, 2017.

   
Last update: 2010/09/17