The Domain Assurance Council (DAC) is creating an extension to
called "Vouch By Reference" (or "VBR" for short)
that will allow certification providers to vouch for
outgoing mail sent by others. VBR is based on the idea of adding
an additional header to the outgoing mail,
and providing a very simple way to check whether certification providers do
vouch for that sender.
The protocol does not
require the certification provider to sign (or even know about)
any mail as it is sent.
The current version of the
Vouch By Reference protocol specification
describes the structure and handling of the VBR
extension. DAC members are actively working on this specification and expect
to have it be stable in the near future.
When DAC is finished
with the protocol work, it will submit it to the IETF to become a
In order for a protocol to become a success in the marketplace, a
variety of players need to deploy it. The following guides help
various groups understand, implement, and widely deploy Vouch By
DAC has already begun interoperability testing for both
VBR and DKIM (Domain Keys Identifed Mail, a soon-to-be standard from
the IETF that works well with VBR). The tests will help DAC members be sure that the
products they are deploying will work with each other, and will
work well for Internet users.
The Domain Assurance Council will also create additional
protocols that will assist its members to provide domain certification and
reputation advice in an interoperable fashion. These protocols will
assure vendor-neutral access to information such as a domain's reputation,
and will allow DAC members to be able to create message-level assurances.