Re: [ietf-dkim] Fwd: [Lurk] Another outside the "box" use case: DKIM
On 4/21/2016 11:50 AM, John Levine wrote: > The reason DKIM doesn't have the LURK problem is that the key issuer > directly controls the verification key with no intermediary doing > certification. The text I was commenting on cited an issue with handing out "my private key". That DKIM might have other benefits is nice, and might be added benefits, they weren't the issue that was raised. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
Re: [ietf-dkim] Fwd: [Lurk] Another outside the "box" use case: DKIM
On 3/2/2016 1:35 AM, Stephen Farrell wrote: > LURK is an IETF mailing list that's discussing developing a > solution to the "offload TLS without giving the CDN my private > key" problem. The premise seems to be that there is a single private key. DKIM permits an arbitrary of private keys to be associated with the domain name. So assigning one solely for use by a third-party -- and deciding when to terminate it -- is convenient and carries no effect on other uses. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
[ietf-dkim] ok
___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html