ietf-dkim

Re: [ietf-dkim] New Issue: selectors and key rollover

2006-03-16 10:34:06


Stephen Farrell wrote:

Section 3.1 says that a new selector should (albeit lowercase
should) be used when keys are rolled. This seems a bit clunky
and may lead to selectors with counter-intuitive names. Why not
include a version number or key ID that'd allow this to be
done better? The version could be included as the last part of
the selector starting from zero, e.g. "alice.0" -> "alice.1" ->
"alice.2" etc.

Are you discussing threats or are you discussing design enhancements?

If the former, it sounds like the latter. So, how is this relevant to a threat analysis?

If the latter, it is difficult to understand why it is better to add more mechanism, when the one you are concerned about is supposed to be an opaque string that its creator can formulate according to any template it wishes.

d/
--

Dave Crocker
Brandenburg InternetWorking
<http://bbiw.net>
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
