ietf-dkim

[ietf-dkim] New Issue: selectors and key rollover

2006-03-16 03:05:12

Section 3.1 says that a new selector should (albeit lowercase
should) be used when keys are rolled. This seems a bit clunky
and may lead to selectors with counter-intuitive names. Why not
include a version number or key ID that'd allow this to be
done better? The version could be included as the last part of
the selector starting from zero, e.g. "alice.0" -> "alice.1" ->
"alice.2" etc.

That might also allow selectors to support >1 private key per
selector per domain - which will be useful for cases where >1
signing MTA exists and h/w crypto is used - some h/w crypto
devices might not support cloning the same private key over
multiple devices.

S.



_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
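
The version-suffixed selector scheme proposed in the message above, as an added example that is not part of the original post or of the DKIM draft. The `name.N` convention, the per-MTA selector names and the sample header are assumptions constructed for illustration; the `<selector>._domainkey.<domain>` query name is standard DKIM, and a dot inside a selector simply becomes another DNS label.

```python
import re

def parse_tags(header_value):
    """Parse a DKIM-Signature tag=value list into a dict (whitespace stripped)."""
    tags = {}
    for part in header_value.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip()] = re.sub(r"\s+", "", value)
    return tags

def split_selector(selector):
    """Split 'alice.1' into ('alice', 1). Hypothetical convention from the post:
    the last dot-separated label is the key version. No numeric suffix -> None."""
    base, dot, last = selector.rpartition(".")
    if dot and last.isascii() and last.isdigit():
        return base, int(last)
    return selector, None

def key_record_name(selector, domain):
    """DNS name a verifier queries for the public key (TXT record)."""
    return f"{selector}._domainkey.{domain}"

def next_selector(base, published):
    """Pick the selector for the next key of `base`, given the selectors
    currently published for the domain. Versions start at zero."""
    versions = [v for b, v in map(split_selector, published)
                if b == base and v is not None]
    return f"{base}.{max(versions) + 1 if versions else 0}"

# Constructed sample data: one signature header and the selectors a domain
# currently publishes. mta1/mta2 stand for two signing MTAs whose hardware
# crypto devices each hold their own private key.
SAMPLE_HEADER = ("v=1; a=rsa-sha256; d=example.com; s=alice.1;\r\n"
                 "\th=from:to:subject; bh=PLACEHOLDER; b=PLACEHOLDER")
PUBLISHED = ["alice.0", "alice.1", "mta1.0", "mta2.0", "legacy"]

def demo():
    tags = parse_tags(SAMPLE_HEADER)
    return {
        "query": key_record_name(tags["s"], tags["d"]),
        "version": split_selector(tags["s"]),
        "alice_next": next_selector("alice", PUBLISHED),
        "mta2_next": next_selector("mta2", PUBLISHED),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Rolling one MTA's key only bumps that MTA's version, so the other devices keep signing under their existing selectors.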
