Mark Delany wrote:
Fine. But I've still not seen a compelling argument for x= that cannot
be effectively achieved by revocation of the selector.
The same reason that you've tirelessly advocated that DK selectors
be backward compatible: that many sites only have a rather tenuous grip
on the manageability of their DNS entries for DKIM.
An interesting guess as to my motives, but no, that's not why I do
that advocating.
It's certainly what Arvel has been advocating.
But I get you're answer. You're saying that x= is there solely because
some people will have trouble removing a key when it's compromised.
It has nothing to do with compromise. x= is the difference between
routine maintenence of DKIM DNS records required (where routine is
approximately every two weeks) vs. install a selector once and not
worry about it for a long time.
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html