John Levine wrote:
[1] John's Full Name: John Smith
[2] John's Position: Student of Computer Science Dept.
[3] John's email address: smith(_at_)cs(_dot_)dkim(_dot_)edu
[4] Signature's Default Domain: dkim.edu
[5] Signature's Selector: student.cs
[6] Personal Identity of the Signature: smith(_at_)cs(_dot_)dkim(_dot_)edu
This is not a good use of selectors. The point of selectors is for
key management, not identity management. Receivers are going to use
either d=dkim.edu or i=smith(_at_)cs(_dot_)dkim(_dot_)edu for their
evaluation, and
won't even see the student part.
Ah yes, good point!
If you want to have signatures for students at cs.dkim.edu, use
d=cs.dkim.edu, and arbitrary selectors you can change without having
to change everyone's identity. If you want to encode the category of
user into the i=, that's easy enough, either by d=student.cs.dkim.edu,
or perhaps i=smith(_at_)student(_dot_)cs(_dot_)edu(_dot_)
In my system, I encode the mailstream into the i= (see the signature on
this message) and it works well.
Then i'll study more about that. Thanks for advice and reply!
byunghee
_______________________________________________
dkim-ops mailing list
dkim-ops(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-ops