The Domain Assurance Council (DAC) is creating an extension to Internet mail called "Vouch By Reference" (or "VBR" for short) that will allow certification providers to vouch for outgoing mail sent by others. VBR is based on the idea of adding an additional header to the outgoing mail, and providing a very simple way to check whether certification providers do vouch for that sender. The protocol does not require the certification provider to sign (or even know about) any mail as it is sent.
The current version of the Vouch By Reference protocol specification describes the structure and handling of the VBR extension. DAC members are actively working on this specification and expect to have it be stable in the near future. When DAC is finished with the protocol work, it will submit it to the IETF to become a informational RFC.
In order for a protocol to become a success in the marketplace, a variety of players need to deploy it. The following guides help various groups understand, implement, and widely deploy Vouch By Reference.
DAC has already begun interoperability testing for both VBR and DKIM (Domain Keys Identifed Mail, a soon-to-be standard from the IETF that works well with VBR). The tests will help DAC members be sure that the products they are deploying will work with each other, and will work well for Internet users.
The Domain Assurance Council will also create additional protocols that will assist its members to provide domain certification and reputation advice in an interoperable fashion. These protocols will assure vendor-neutral access to information such as a domain's reputation, and will allow DAC members to be able to create message-level assurances.
