Steve Atkins wrote:
> Do we have any thoughts on 1. how often keys might sensibly be
> rotated and 2. how long public keys should remain visible after the
> private key has been rotated out?
The WG discussed this around 2006. The DKIM-RCVD I-D I wrote
summarizes the "timing issues" from the discussions and also offers a
way to help resolve this issue:
http://tools.ietf.org/html/draft-santos-dkim-rcvd-00
There are three basic timing points:
T1 - delivery time
T2 - MFA (Mail Filtering Agent) process time
T3 - MUA process/read/view time
T1 is 7 days based on DKIM recommendations and adequately covers the
SMTP recommendations of 4-5 retry days. So at a minimum the key
retention time should be 7 days.
But there is a T2 gap time when the MFA gets it. This time will
most likely be pretty short. And there is a T3 gap between the MFA and
the time the MUA gets it. Who knows what T3 is, but it could be
pretty long, i.e. a user goes on vacation or simply reads his mail
once per day or whatever. So T3 is there to help consider possible
MUAs with DKIM verification plug-ins.
Since T3 can be anywhere from short to significantly long, the I-D
proposed a method whereby the middleware (DKIM verifier or not) will
create/add a DKIM-Received header with your public key information.
This way, by the time it is actually needed by a verifier, it will
have the old public key information in DKIM-Received.
I also suggested that this DKIM-Received header can be used as a
migration idea for those systems not yet ready to sign or verify but
can get the information and store it in the header in case there will
be a long time-shifted verification period that exceeds the domain's
key expiration.
--
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
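A small Python model of the T1/T2/T3 timing problem described above, added here as an illustration and not code from the DKIM-RCVD I-D or its author. It assumes a constructed DNS stand-in, placeholder key material, a DKIM-Received field layout of my own choosing (only the header name comes from the I-D), T1 = 7 days from the message, and assumed T2 = 1 hour and T3 = 14 days.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass
class KeyRecord:
    selector: str
    published: datetime   # selector record first visible in DNS
    removed: datetime     # record deleted after the private key was rotated out

class FakeDns:
    """Constructed stand-in for DNS: a selector record is visible only inside its window."""
    def __init__(self, records):
        self.records = {r.selector: r for r in records}

    def lookup(self, selector, at):
        r = self.records.get(selector)
        if r is not None and r.published <= at < r.removed:
            return f"v=DKIM1; k=rsa; p=PUBKEY-{selector}"  # constructed placeholder key
        return None

def capture_at_mfa(dns, selector, at):
    """T2: middleware fetches the key while it is still published and stores it in a
    DKIM-Received header (header name from the I-D; this field layout is assumed)."""
    rec = dns.lookup(selector, at)
    return None if rec is None else f"DKIM-Received: s={selector}; t={at.isoformat()}; {rec}"

def verify_at_mua(dns, selector, at, dkim_received=None):
    """T3: prefer a live DNS lookup, fall back to the captured record, else no key."""
    if dns.lookup(selector, at) is not None:
        return "live"
    if dkim_received is not None and f"s={selector};" in dkim_received:
        return "captured"
    return "no key"

def earliest_removal(rotated_out, t1=timedelta(days=7), t2=timedelta(hours=1), t3=timedelta(days=14)):
    """Keep the public key visible at least T1 + T2 + T3 after the private key is retired (T2, T3 assumed)."""
    return rotated_out + t1 + t2 + t3

def run_scenario():
    """Constructed timeline: key published 1 Jan, private key rotated out 3 Jan, record removed 10 Jan."""
    dns = FakeDns([KeyRecord("jan2009", datetime(2009, 1, 1), datetime(2009, 1, 10))])
    hdr = capture_at_mfa(dns, "jan2009", datetime(2009, 1, 5))  # T2: key still published
    return {
        "read_early": verify_at_mua(dns, "jan2009", datetime(2009, 1, 8)),
        "read_late": verify_at_mua(dns, "jan2009", datetime(2009, 1, 20)),
        "read_late_captured": verify_at_mua(dns, "jan2009", datetime(2009, 1, 20), hdr),
        "keep_record_until": earliest_removal(datetime(2009, 1, 3)).isoformat(),
    }
```

The late read fails against live DNS but succeeds from the record captured at T2, which is the gap the DKIM-Received header is meant to close.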