Email is huge (largest deployed application on the Internet?) and it takes a long time to change the fundamentals.
- First DomainKeys draft (predecessor to DKIM)
- First DKIM draft
- PayPal begins work with Yahoo on authentication-based model
- BITS Email Security Working Group publishes paper recommending TLS + SPF + DKIM for email
- DKIM RFC published
- PayPal + Yahoo blocking based on DomainKeys+SPF goes live
- PayPal publishes “A Practical Approach To Managing Phishing”
- BITS publishes deployment guide for email authentication
- First companies launch to build business on top of authenticated email model
- Private-channel model prototyped by webmail providers
- proto-DMARC.ORG effort begins, organized by PayPal to create Internet-scale success as published in 2008
- Anti-Phishing solutions built on top of proto-DMARC start shipping
- DMARC.org organizes, begins work.
- First DMARC draft released
- dmarcian.com launches to support DMARC
- DMARC adoption reaches ~60% of global consumer inboxes
- BITS publishes “BITS Email Authentication Policy and Deployment Strategy for Financial Services Firms”, recommends DMARC
- DMARC.ORG specification work moves to the IETF
- DMARC Working Group chartered within IETF
- DMARC.org becomes initiative under the Trusted Domain Project, a non-profit and tax-exempt public benefit corporation in State of California.