On 2/10/23 10:23 AM, Wei Chuang wrote:
| resign for DKIM on behalf of the Originator though the
| Originator increases risk of losing control of their private key.
I'm pretty sure that the best practice here is to just create a
selector(s) for the ESP's, etc, signing keys. You definitely don't want
to be handing your private keys out.
That's how gmail hosts and signs for my domain here.
Mike
_______________________________________________
Ietf-dkim mailing list
Ietf-dkim@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-dkim