-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In message <[email protected]>, Phillip Tao <[email protected]> writes
> Most > senders seem not to rotate keys all that often (order of months or > years), and when they do, many will leave old keys around. This > could be fully solved by sending the keys in the message, but I > think just some language in the RFC to encourage senders to leave > keys around for a period of at least few months is enough to > mitigate this for most practical use cases. some people feel quite strongly that since DKIM keys are intended to have an ephemeral use in providing some authentication to SMTP activity they should NOT be secured thereafter <URL:https://blog.cryptographyengineering.com/2020/11/16/ok-google- please-publish-your-dkim-secret-keys/> you should consider addressing their concerns in what you propose - -- richard @ highwayman . com "Nothing seems the same Still you never see the change from day to day And no-one notices the customs slip away" -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 iQA/AwUBaKYLJGHfC/FfW545EQIwpwCg7eK0y4IgVFN9uQAOGkw+iCw61msAnRVG U0F2IIdw7OSbK3995xzbwX2Q =AVb7 -----END PGP SIGNATURE----- _______________________________________________ Ietf-dkim mailing list -- [email protected] To unsubscribe send an email to [email protected]
