In article <21e9288f-827c-88f5-5785-957811d959a0@xxxxxxxx> you write: >It occurs to me that it doesn't even need to be a one-size fits all >solution for providers. All a provider would need to do is have an opt >in for users to to use selectors who are regularly repudiated, and keep >the current non-repudiation selectors forever. Sounds like an excellent way to get users to say huh? What? I would be amazed if one user in 100 ever thought about whether their mail might be verifiable several years from now and what that might imply. Personally, I rotate every month just so the amount of mail at risk if I screw up the key management is limited. $ host -t txt k2011._domainkey.examp1e.com k2011._domainkey.examp1e.com descriptive text "v=DKIM1; h=sha256; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Jbgcz4g8viVSkByv4CwRY8RQ4K5Q2ksPeUnsuQKfdLXAUa3/KkHBCLYLkc+Vw3jBDzeispPGSPmUG2KbttxCEV7+CxAGUinEAjaX7GHsw7viOI8ZXxDnbTNlrFygal0OybB0Yk63bBTHyIKgwvvRX/VJVz7mvV9iESzADWIgJ26vugfUUDbr/zPaOynb8" "lBaT8ZShkX8OTRoqBNlsdq4chQWxDatjsMJLFxYT1p8uG3+iT8U8wcSHlDGJD1NF9+xD+yNWtUJuj6d3vkN04yv4gUEc7CHog84NOjaYmDSaoJQ/p3/zkvwOfJdTAldeAPJ7Smj7KVg9exK+D8aiIqjQIDAQAB ;" "n=For=20private=20key=20see=20https://www.iecc.com/dkimkey/k2011/ ;" R's, John uucp@xxxxxxxxxxx
