Protecting Against DKIM Replay

Organization Name

GOOGLE LLC

Inventor(s)

Wei-haw Chuang of Menlo Park CA (US)

Protecting Against DKIM Replay - A simplified explanation of the abstract

This abstract first appeared for US patent application 18478989 titled 'Protecting Against DKIM Replay

Simplified Explanation

The abstract describes a method for securing messages by verifying the authenticity of the message and its intended recipients through a DNS TXT record delegation policy.

• Obtaining a message with a digital signature and list of recipients from a first message server.
• Checking the DNS TXT record for a delegation policy indicating all intended recipients declared by a second message server.
• Validating the digital signature and confirming the user as a declared recipient.
• Indicating the message is authentic if the signature is valid and the user is a declared recipient.

Potential Applications

This technology could be applied in secure messaging services, email platforms, and communication systems where message authenticity and recipient verification are crucial.

Problems Solved

This technology solves the problem of verifying the authenticity of messages and ensuring that the intended recipients are accurately identified, reducing the risk of unauthorized access to sensitive information.

Benefits

The benefits of this technology include enhanced message security, improved trust in communication channels, and reduced likelihood of message tampering or interception.

Potential Commercial Applications

One potential commercial application of this technology could be in secure email services for businesses, government agencies, and other organizations that require secure communication channels.

Possible Prior Art

Prior art in the field of secure messaging systems and email encryption technologies may exist, but further research would be needed to identify specific examples.

Unanswered Questions

How does this method handle messages with multiple recipients?

This method focuses on verifying the authenticity of messages for individual recipients, but it is unclear how it would handle messages intended for multiple recipients and the validation process in such cases.

What impact does this method have on message delivery speed?

While the method aims to enhance message security, it is important to consider how the verification process may impact message delivery speed and overall efficiency of the messaging service.

Original Abstract Submitted

A method for securing messages includes obtaining, at a first message server, a message for a user of a message service hosted by the first message server, the message including a header including a digital signature signed by an author of the message and a list of one or more recipients of the message. The method includes determining that a Domain Name System (DNS) TXT record associated with the message includes a delegation policy indicating that a second message server declared all intended recipients of the message. In response, the method includes determining that the digital signature by the author is valid and that the user is a declared recipient of the message. The method includes, in response to determining that the digital signature by the author is valid and the user is the declared recipient of the message, indicating the message is authentic.