The DKIM Working Group are developing a spiritual successor to DKIM. They have named it DKIM2 but it is more of its own thing than an iterative new version of the original DKIM protocol.
As of now (June 2026) it is still going through the drafting process so there is no RFC or stable specification to develop against. Ideas are still being stress tested and edge cases considered. The latest Internet-Draft can be viewed here and there is also an explanatory website operated by the WG here.
From the direction it is taking we can see some core concepts:
- It will be (initially at least) backward compatible with DKIM, using the same DKIM-Signature message header and public keys
- It will use a “chain of trust” like ARC but crucially you can undo previous assertions and cryptographically verify them
Normally my attitude with anything at IETF draft stage is not to hold my breath. It’s a slow process to design something that will meets IETF requirements around universality, interoperability, security, and privacy. And there is a large graveyard of ideas that never progressed from a draft or qualified as RFCs.
However DKIM2 is been driven with focus and momentum by some large senders and receivers. It would not surprise me if this got assigned an RFC by the end of 2026 or early 2027. I could be wrong though.
In a follow-up post I will discuss how we got here and why there is an emerging urgent need for something like DKIM2. When that is published I’ll link to it here.