I know that the categories of domain validation are:
- Regular SSL
- Multi Domain Validation
- Wildcard Certificates
- Premium SSL
But I am not sure under which of the above does DKIM falls.
Asked
Active
Viewed 899 times
1
Martin Godfrey
- 35
- 2
-
It is totally unrelated. DKIM is a self-signed certificate that you place in your DNS zone records to sign outgoing emails, thus confirming the sending server's identity. – Julie Pelletier Nov 20 '16 at 02:40
1 Answers
4
DKIM does not use any certificates at all and is also unrelated to TLS. This means that a question about the kind of validation related to the subject of a certificate does not relate to DKIM at all.
For DKIM the domain owner itself associates a public key only (not a certificate) with the domain by putting it into a DNS TXT record and then uses the associated private key to add a signature to mails sent through the domain owners mail server. By checking this signature against the public key the recipient can verify that the mail was actually sent through the domain owners server which makes forging the sender harder.
Steffen Ullrich
- 184,332
- 29
- 363
- 424
-
I have basic idea of what ssl and dkim does. However i still have a question? Any idea why SSL/TLS uses certificate model where as DKIM doesn't? Is it because dkim only used for signatures? – Giri Sep 13 '17 at 15:53
-
@user1091558: certificates are used when you not only need a key for signatures but also trust chain, expiration, revocation, subjects to check against etc. Since none of this is part of DKIM no certificates are needed. – Steffen Ullrich Sep 13 '17 at 17:07