(no hats) On Mon, Jun 15, 2020 at 2:18 PM Brandon Long <blong= 40google....@dmarc.ietf.org> wrote:
> > We sometimes use a different solution that isn't listed, which is > basically where internal groups have access to the > domain DKIM key, so they just re-sign. Those aren't really an interesting > case, though. > > I used to encourage creating CNAMEs to DKIM keys that internal groups managed themselves. (DNS things like that are like nice BCP for DMARC deployment.) Large corporations with legacy domains and multiple business units operating semi-independently are the same problem space as Jesse's University case. tim
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
