For various reasons, DKIM's non-repudiation property has always prevented us deploying DKIM signing on our mail. The obvious fix for this is to roll DKIM keys aggressively (eg every few minutes) and publish the private keys for revoked keys as you go. Given relay times for mail through various hosts, how aggressive could one theoretically get without having keys time out before mail is verified (ie how long must DKIM keys remain valid after mail has been signed by them?).
Separately, is there any work towards making DKIM support non-RSA keys? Sure, one could always just generate a fresh key every minute and publish all old ones, but ECC would be nice as it would allow simpler hash-based key revocation where you can reveal every previous key with just one key. Thanks, Matt _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop