Re: [ietf-dkim] Key rotation

2010-09-10 Thread Jeff Macdonald
On Thu, Sep 9, 2010 at 5:21 PM, J.D. Falk jdfalk-li...@cybernothing.org wrote: On Sep 9, 2010, at 9:57 AM, Mark Martinec wrote: Rumor has it that some large players (such as Yahoo!) are disregarding such ephemeral property of a selector and are trying to associate a reputation scheme based

Re: [ietf-dkim] Key rotation

2010-09-10 Thread Alex Soto
On Fri, Sep 10, 2010 at 6:55 AM, Jeff Macdonald macfisher...@gmail.com wrote: On Thu, Sep 9, 2010 at 5:21 PM, J.D. Falk jdfalk-li...@cybernothing.org wrote: On Sep 9, 2010, at 9:57 AM, Mark Martinec wrote: Rumor has it that some large players (such as Yahoo!) are disregarding such

Re: [ietf-dkim] Key rotation

2010-09-10 Thread Mark Delany
http://feedbackloop.yahoo.net/ Step 2 doesn't help. (yes, you can put * for all selectors, but asking for one when it isn't really needed leads to FUD). A selector can of course be in a sub-domain format, such as september.dialup._domainkey.example.net I wonder if they considered letting

Re: [ietf-dkim] Key rotation

2010-09-10 Thread John R. Levine
I wonder if they considered letting you enter *.dialup or somesuch? I dunno, but I think the last time something like this came up, we agreed that if you want to have two separate reputation streams, they should have different d= rather than different selectors. R's, John

Re: [ietf-dkim] Key rotation

2010-09-09 Thread Mark Martinec
Mark Delany wrote: I believe the general thrust is that DKIM keys are ephemeral so no one should rely on their long-term presence. [...] With each key there is an associated selector:domain pair, so with a key rotation comes the change of a selector. Such a purpose of a selector is clearly

Re: [ietf-dkim] Key rotation

2010-09-09 Thread MH Michael Hammer (5304)
To: ietf-dkim@mipassoc.org Subject: Re: [ietf-dkim] Key rotation Mark Delany wrote: I believe the general thrust is that DKIM keys are ephemeral so no one should rely on their long-term presence. [...] With each key there is an associated selector:domain pair, so with a key rotation comes

Re: [ietf-dkim] Key rotation

2010-09-09 Thread Murray S. Kucherawy
-Original Message- From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org] On Behalf Of Mark Martinec Sent: Thursday, September 09, 2010 9:57 AM To: ietf-dkim@mipassoc.org Subject: Re: [ietf-dkim] Key rotation Mark Delany wrote: I believe the general thrust

Re: [ietf-dkim] Key rotation

2010-09-09 Thread McDowell, Brett
On Sep 4, 2010, at 9:31 PM, Steve Atkins wrote: The whole point of rotating keys is so that loss of an old private key isn't a risk. Given that, I think that even if you're fairly sure that a key pair hasn't been compromised then you should remove the public key as soon as is reasonable after

Re: [ietf-dkim] Key rotation

2010-09-09 Thread Michael Thomas
On 09/09/2010 11:12 AM, McDowell, Brett wrote: On Sep 4, 2010, at 9:31 PM, Steve Atkins wrote: The whole point of rotating keys is so that loss of an old private key isn't a risk. Given that, I think that even if you're fairly sure that a key pair hasn't been compromised then you should

Re: [ietf-dkim] Key rotation

2010-09-09 Thread Steve Atkins
On Sep 9, 2010, at 11:12 AM, McDowell, Brett wrote: On Sep 4, 2010, at 9:31 PM, Steve Atkins wrote: The whole point of rotating keys is so that loss of an old private key isn't a risk. Given that, I think that even if you're fairly sure that a key pair hasn't been compromised then you

Re: [ietf-dkim] Key rotation

2010-09-09 Thread Steve Atkins
On Sep 9, 2010, at 9:57 AM, Mark Martinec wrote: Mark Delany wrote: I believe the general thrust is that DKIM keys are ephemeral so no one should rely on their long-term presence. [...] With each key there is an associated selector:domain pair, so with a key rotation comes the change of a

Re: [ietf-dkim] Key rotation

2010-09-09 Thread Michael Thomas
On 09/09/2010 09:57 AM, Mark Martinec wrote: Mark Delany wrote: I believe the general thrust is that DKIM keys are ephemeral so no one should rely on their long-term presence. [...] With each key there is an associated selector:domain pair, so with a key rotation comes the change of a

Re: [ietf-dkim] Key rotation

2010-09-09 Thread McDowell, Brett
On Sep 9, 2010, at 2:26 PM, Steve Atkins wrote: On Sep 9, 2010, at 11:12 AM, McDowell, Brett wrote: I'd be surprised to discover many senders are rotating keys every eight days. I didn't suggest rotating keys every eight days. Rather, I suggested leaving the public keys in place for 8

Re: [ietf-dkim] Key rotation

2010-09-09 Thread J.D. Falk
On Sep 9, 2010, at 9:57 AM, Mark Martinec wrote: Rumor has it that some large players (such as Yahoo!) are disregarding such ephemeral property of a selector and are trying to associate a reputation scheme based on both the domain *and* the selector. That rumour is based on a presentation I

Re: [ietf-dkim] Key rotation

2010-09-09 Thread Mark Martinec
On Sep 9, 2010, at 9:57 AM, Mark Martinec wrote: Rumor has it that some large players (such as Yahoo!) are disregarding such ephemeral property of a selector and are trying to associate a reputation scheme based on both the domain *and* the selector. On Thursday September 9 2010 23:21:55

Re: [ietf-dkim] Key rotation

2010-09-04 Thread Mark Delany
On Sat, Sep 04, 2010 at 01:41:41PM -0700, Steve Atkins allegedly wrote: Do we have any thoughts on 1. how often keys might sensibly be rotated and 2. how long public keys should remain visible after the private key has been rotated out? I believe the general thrust is that DKIM keys are

Re: [ietf-dkim] Key rotation

2010-09-04 Thread Steve Atkins
On Sep 4, 2010, at 2:55 PM, Mark Delany wrote: On Sat, Sep 04, 2010 at 01:41:41PM -0700, Steve Atkins allegedly wrote: Do we have any thoughts on 1. how often keys might sensibly be rotated and 2. how long public keys should remain visible after the private key has been rotated out? I

Re: [ietf-dkim] Key rotation

2010-09-04 Thread Hector Santos
Mark Delany wrote: On Sat, Sep 04, 2010 at 01:41:41PM -0700, Steve Atkins allegedly wrote: Do we have any thoughts on 1. how often keys might sensibly be rotated and 2. how long public keys should remain visible after the private key has been rotated out? I believe the general thrust is

Re: [ietf-dkim] Key rotation

2010-09-04 Thread Hector Santos
Steve Atkins wrote: Do we have any thoughts on 1. how often keys might sensibly be rotated and 2. how long public keys should remain visible after the private key has been rotated out? The WG discussed this around 2006. The DKIM-RCVD I-D I wrote summarizes the timing issues from the