Not sure what you are getting at here.
The draft describes how to glue PKIX certificates to DKIM messages. So the
material in it is an extension to DKIM. It is certainly possible to implement a
DKIM scheme without this if that is what you mean by 'stand alone'. But it is
not possible to extend something without a dependency on what you extend.
-----Original Message-----
From: Mark Delany [mailto:markd(_at_)yahoo-inc(_dot_)com]
Sent: Tue 12/16/2008 6:19 PM
To: Hallam-Baker, Phillip
Cc: IETF-DKIM
Subject: Re: [ietf-dkim] First cut on certificate extensions draft
On Dec 16, 2008, at 1:21 PM, Hallam-Baker, Phillip wrote:
An update of the extensions draft that focuses exclusively on the X.509
certs extensions is attached.
Note that even though this is intended to be an individual
submission, comments from others are welcome. The point of not making it a WG
charter item is that this work item is not sufficient by itself to justify
rechartering.
This has undergone substantial modification as a result of Paul's input
at the meeting. In particular I realized that there are significant use cases
for both 'call by reference' and 'call by value'.
Another major modification is that in this draft, ALL certificates are
encoded as a MIME application/pkix-pkipath object as described in the TLS
extensions RFC. So even if you have a single self-signed cert, you have tio
wrap it in a path.
The reason for this is that in the context of DKIM,
Hi Phil.
Maybe the draft didn't render properly for me, but I didn't find anything that
described how this actually relates to DKIM directly. Put another way, can this
draft stand on its own in the absence of DKIM?
Mark.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html