Re: Pre-picking one solution (Re: [ietf-dkim] Re: WG Review: Domain Keys Identified Mail) (dkim)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On Thu, 22 Dec 2005, Barry Leiba wrote:

Actually, the DKIM base spec does provide a mechanism for replacing the
DNS keystore with something else.  Look at 1.4 for a general statement,
and the description of the "q=" tag in 3.5.  DKIM's intended to be able
to support user-level keys in a future version (there's some discussion
of that in appendix A), and its design is set up specifically not to
prevent that.

The spec basicly says that you must support DNS public key distribution
and authorization; that something else may also be added later will not change requirement for pki in dns and will only be usefull for those
who can support it as alternative way to retrieve the key (which means
the key would still need to be made available through dns for those who
do not).

It is really no brainer to see that if we have several authorization meachanisms a set of them would have to be done as a required for those creating implementation in order for them to be used and that means working on all that as part of the main work on the system and
releasing together with other documents on the signature system.

--
William Leibzon
Elan Networks
william@xxxxxxxx

_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]