Perhaps I explained it badly. I'm saying that there may be parties which are interested in supporting both DKIM2 and these unobtrusive signatures. In which case, rather than having to support two entirely separate schemes, they could support a single scheme (or at least two very similar schemes), where the only significant difference is in how keys are distributed.
DKIM2 signs the whole message. The unobtrusive signatures are a wrapper around PGP signatures which sign the body of the message, or in this case, a body which is a wrapped copy of a message.
There is no chance that DKIM2 is going to use PGP signing, so how about if you go ask people if they'd be OK with unobtrusive signatures that are not even sort of like PGP?
R's, John PS:
First of all, I do not think these signatures need to be limited to PGP. That's the specific technology that this idea came out of, but I think the goal is more generalizable.
It would be really helpful if you could get the authors of the current draft to write a strawman suggesting how that would work. It is my impression that they feel rather strongly about PGP.
_______________________________________________ Ietf-dkim mailing list -- [email protected] To unsubscribe send an email to [email protected]
