On 11/18/20 4:34 PM, Stephen Farrell wrote:
> On 19/11/2020 00:31, Michael Thomas wrote:
>> Obviously I'm not vehemently against this -- people can do whatever
>> they like with their private keys -- but it seems in order to do this
>> properly it's a tiny bit protocol specification and a lot of bit of
>> BCP describing the problem space of who, when, and why somebody would
>> do this.
>
> That's fair. It'd also require a bit of analysis as to how
> published private keys could be used for attempted mischief
> as well.
>
> My take-away is I'll add doing this for some DKIM keys to
> my to-do list.

It occurs to me that it doesn't even need to be a one-size-fits-all
solution for providers. All a provider would need to do is have an opt
in for users to use selectors who are regularly repudiated, and keep
the current non-repudiation selectors forever.

If you were to pursue this, what venue would you use? Isn't everything
shut down?

Mike