It appears that Richard Clayton <[email protected]> said: >>We made a similar optimization when designing DKIM not to include the public >>key >>in the signature and publish a digest of it in the DNS. This turned out to be >>the wrong thing when public key sizes had to increase and the DNS couldn’t >>easily accommodate that. Let’s not make an analogous mistake here. > >you should perhaps note the size of some of the post-quantum stuff !
I agree it would have been better to put the key in the signature, but I thought the problem was that Cisco didn't provide clear license status of Jim's patent on that. I believe it's expired now. But I also see this patent https://patents.google.com/patent/US8090940B1/ which covers a signature that includes a copy of the original header and doesn't expire until 2027. That seems uncomfortably close to the header modification unwinding stuff. R's, John _______________________________________________ Ietf-dkim mailing list -- [email protected] To unsubscribe send an email to [email protected]
