Re: [ietf-dkim] small question in draft-ietf-dkim-base-00.txt on TXT rec


On Feb 20, 2006, at 12:49 PM, Tony Hansen wrote:

We allow extra options to be specified in a DKIM-Signature header,but do not allow extra options to be specified in a DKIM TXTrecord. (I don't recall this being discussed before, but just maynot remember it.) Should we? If not, how would we do upwardly-compatible changes without requiring multiple DNS entries for bothan old and new entry.

DKIM should specify a binary structure used with the CERT RR. ThisRR already offers fields defining the critical hash algorithm, forexample. By just specifying the hash used in signature header, oncea hash algorithm is later discovered compromised, there is no meansto keep bad actors from using this compromised hash algorithm forspoofing messages. It would appear the DKIM draft is not ready.


-Doug


_______________________________________________

NOTE WELL: This list operates according tohttp://dkim.org/ietf-list-rules.html

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:

Re: [ietf-dkim] Quite a lot of DKIM at Dallas IETF, Stephen Farrell

Next by Date:

RE: [ietf-dkim] New Issue: TLD key publication and signing, Hallam-Baker, Phillip

Previous by Thread:

[ietf-dkim] small question in draft-ietf-dkim-base-00.txt on TXT record, Tony Hansen

Next by Thread:

Re: [ietf-dkim] small question in draft-ietf-dkim-base-00.txt on TXT record, Michael Thomas

Indexes:

[Date] [Thread] [Top] [All Lists]