ietf-dkim

RE: [ietf-dkim] On per-user-keying

2005-08-10 06:08:02
From: John Levine [mailto:johnl(_at_)iecc(_dot_)com] 

Your hash and wildcard trick works great if the signatures 
are all applied by an MTA under the control of the domain's 
management.  But if you let roaming users sign their own mail 
in the MUA, you really need to give each potentially 
untrustworthy user a separate key.

Agreed, I think that is essential if you have MUA signing for a whole
heap of reasons. If I have a million users and a million copies of a
private key floating around then I have effectively lost control.

Basically that would mean you end up with the cost and complexity of
running a public key scheme and get none of the benefit. You still have
to have a means of provisioning the key to the MUA.


If you are going to sign in the MUA you need a key lifecycle management
solution.

_______________________________________________
ietf-dkim mailing list
ietf-dkim(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/ietf-dkim
