ietf-dkim

Re: [ietf-dkim] On per-user-keying

2005-08-10 01:21:08
On Wed, 2005-08-10 at 04:12 +0000, John Levine wrote:
> Mostly agree with Phill's note, except ...
> 
> > As I argue in a separate email it is not necessary to have per-user
> > key records to have the ability to perform per-user revocation. In
> > fact all you need to do is to issue per-user records for the users
> > you want to revoke.
> 
> Your hash and wildcard trick works great if the signatures are all
> applied by an MTA under the control of the domain's management.  But
> if you let roaming users sign their own mail in the MUA, you really
> need to give each potentially untrustworthy user a separate key.

True.

> Otherwise a malicious user could simply use a random selector and the
> same key, since recipients don't know what selector is supposed to
> match what user, and the DNS wildcard matches any selector that hasn't
> been explicitly voided.  To turn off the user, you need to turn off
> every selector that uses his key, which means that the user needs a
> different key from other people.

Assume remote users are few and given a private key that only works for
a specific selector.

Each lookup will be generating a key, not per user, but per message in
this case.  The DNS cache will be hit very hard.  The wildcard record
cannot be cached.  This also requires additional lookups of the
wildcard record by counting labels with DNSSEC.  This approach appears
to be very unforgiving to the recipient, while perhaps easy to publish
for the sender.

-Doug

_______________________________________________
ietf-dkim mailing list
ietf-dkim(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/ietf-dkim
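The exchange above turns on how DNS wildcard matching interacts with selector records. The following is an added example, not code from the thread or from any DKIM implementation; it models the _domainkey subtree of a signing domain with a wildcard record, applies the DNS rule that an explicit record for a name takes precedence over the wildcard, and treats an empty p= value as a revoked key (as RFC 4871 section 3.6.1 specifies). The hashed-selector scheme, the addresses and the key identifiers are assumptions; signature verification is reduced to comparing the public key the signer used against the one the record carries. Three scenarios are run: MTA signing with per-user revocation records, a roaming MUA holding the shared key (the case John describes, where a voided selector is simply sidestepped), and a roaming MUA with its own key.

```python
import hashlib

# Added example. The selector hashing scheme, addresses and key
# identifiers below are constructed for illustration.


class DkimZone:
    """Model of the _domainkey subtree of a signing domain. Implements DNS
    wildcard matching: an explicit record for a name wins over '*'."""

    def __init__(self, domain):
        self.domain = domain
        self.records = {}  # fqdn -> {"v": "DKIM1", "p": public key or ""}

    def fqdn(self, selector):
        return f"{selector}._domainkey.{self.domain}"

    def publish(self, selector, p):
        # An empty p= value means the key has been revoked (RFC 4871 3.6.1).
        self.records[self.fqdn(selector)] = {"v": "DKIM1", "p": p}

    def lookup(self, selector):
        exact = self.records.get(self.fqdn(selector))
        if exact is not None:
            return exact
        return self.records.get(self.fqdn("*"))


def user_selector(address):
    """Per-user selector derived from the address (assumed hash scheme)."""
    return hashlib.sha256(address.lower().encode()).hexdigest()[:16]


def verify(zone, selector, signing_pubkey):
    """Verifier's outcome for a message signed with s=selector. The actual
    signature check is abstracted as a comparison of public key identity."""
    rec = zone.lookup(selector)
    if rec is None:
        return "permfail: no key record"
    if rec["p"] == "":
        return "permfail: key revoked"
    if rec["p"] != signing_pubkey:
        return "permfail: key does not match"
    return "pass"


MTA_KEY = "pub:mta"  # constructed stand-ins for public keys
BOB_KEY = "pub:bob"
BOB = "bob@example.com"
ALICE = "alice@example.com"


def mta_signing():
    """All mail signed by the MTA with one key under the wildcard; revoke
    one user by publishing an empty record at that user's hashed selector."""
    zone = DkimZone("example.com")
    zone.publish("*", MTA_KEY)
    zone.publish(user_selector(BOB), "")  # void bob's selector only
    return {
        "alice": verify(zone, user_selector(ALICE), MTA_KEY),
        "bob": verify(zone, user_selector(BOB), MTA_KEY),
    }


def mua_shared_key():
    """Same zone, but bob's MUA holds the shared private key: once his
    selector is voided he signs with any other selector name instead."""
    zone = DkimZone("example.com")
    zone.publish("*", MTA_KEY)
    zone.publish(user_selector(BOB), "")
    return {
        "bob_assigned_selector": verify(zone, user_selector(BOB), MTA_KEY),
        "bob_random_selector": verify(zone, "zq81x", MTA_KEY),
    }


def mua_per_user_key():
    """bob gets his own key: revoking his single record stops him under
    every selector, since no other record (wildcard included) has his key."""
    zone = DkimZone("example.com")
    zone.publish("*", MTA_KEY)
    zone.publish(user_selector(BOB), BOB_KEY)
    before = verify(zone, user_selector(BOB), BOB_KEY)
    zone.publish(user_selector(BOB), "")  # revoke bob's key
    return {
        "bob_before_revocation": before,
        "bob_assigned_selector": verify(zone, user_selector(BOB), BOB_KEY),
        "bob_random_selector": verify(zone, "zq81x", BOB_KEY),
    }


if __name__ == "__main__":
    for scenario in (mta_signing, mua_shared_key, mua_per_user_key):
        print(scenario.__name__, scenario())
```

Running it shows the shared-key case passing for "zq81x" even though bob's assigned selector is voided, and the per-user-key case failing for every selector once bob's record is emptied. The model says nothing about the cache behaviour Doug raises: each distinct selector a verifier sees is a separate name, so the number of lookups grows with the number of selectors in use, not with the number of records published.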
