How can decentralized identity (Web3/email signing) impact standards?
Still have a question, spotted an error, or have a better explanation or a source we should cite?
The short answer: probably not much in the near term, and here's why that's worth understanding.
Today, email authentication (SPF, DKIM, DMARC) works by publishing cryptographic records in DNS. Receiving servers look up those records, verify the signatures, and decide whether to trust the sender. It's a centralized model (DNS is controlled by registrars and ICANN) but it works at scale and is well understood.
Decentralized identity proposes replacing that DNS-anchored trust model with verification against a blockchain or distributed ledger. The idea is that sender identity gets anchored to a verifiable credential that doesn't depend on a centralized authority. On paper, it has appeal: no single point of failure, harder to spoof, resistant to domain hijacking.
In practice, there are big barriers. Email infrastructure runs on SMTP, which is decades old and deeply entrenched. Getting every receiving server to support a new identity verification protocol requires coordinated adoption across millions of mail servers. That's the same coordination problem that makes DMARC adoption slow even though it's been around since 2012.
Blockchain-based email identity is genuinely experimental. There are some proofs of concept, but nothing approaching the standardization process that would be required for real adoption. It's worth knowing exists if you're interested in long-term standards development, but it's not something most senders need to factor into their planning today.
For now, the practical focus is getting SPF, DKIM, and DMARC solid. If you want to check your current authentication health, our free tools cover all three in about two minutes.
Contributors
Who worked on this answer
Every name links to their profile. Every company links to their site. Real people, real accountability.