ietf-dkim

Re: [ietf-dkim] x= lets senders expire responsibility

2006-04-13 09:10:45

On Apr 13, 2006, at 8:19 AM, Hector Santos wrote:


How about this in section 5.2:

| 5.2  Select a private-key and corresponding selector information
|
|    ..
|    A signer SHOULD NOT sign with a key that is expected to expire within
|    seven days; that is, when rotating to a new key, signing should
|    immediately commence with the new key and the old key SHOULD be
|    retained for at least seven days before being removed from the key
|    server.

That basically means that x= must be used if there is a planned event for
selector removal within 7 days.


When the transport includes IMAP and POP, this 7 day advice is far too short of a period to ensure verification.

-Doug
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
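
An added example, not part of the original thread or of any DKIM implementation: it parses the `t=` and `x=` tags of a DKIM-Signature value and classifies what a verifier would see at a given time, for instance when mail is fetched over POP or IMAP days after signing. The outcome labels, function names, header values and timestamps are constructed assumptions, and only timing is checked, not the cryptographic signature.

```python
import re

DAY = 86400

def parse_tags(header_value):
    """Parse a DKIM-Signature tag=value list, tolerating folded whitespace."""
    tags = {}
    for part in header_value.split(";"):
        if "=" not in part:
            continue
        name, value = part.split("=", 1)   # split once: base64 may end in '='
        tags[name.strip()] = re.sub(r"\s+", "", value)
    return tags

def outcome(header_value, verify_time, selector_removed_at=None):
    """Classify what a verifier sees at verify_time (epoch seconds)."""
    tags = parse_tags(header_value)
    x = int(tags["x"]) if "x" in tags else None
    if x is not None and verify_time > x:
        return "expired"        # the signer's own stated limit has passed
    if selector_removed_at is not None and verify_time >= selector_removed_at:
        return "key-missing"    # key lookup fails; looks like a bad selector
    return "verifiable"

def needs_x(sign_time, selector_removed_at, window_days=7):
    """The reading quoted above: x= is needed when selector removal is
    planned within the window (seven days in the proposed text)."""
    return (selector_removed_at is not None
            and selector_removed_at - sign_time < window_days * DAY)

# Constructed sample data (hypothetical domain, selector and times).
SIGNED_AT = 1144886400
REMOVAL = SIGNED_AT + 5 * DAY            # selector removed five days later
WITH_X = (f"a=rsa-sha256; d=example.com; s=sel1;\r\n"
          f"\tt={SIGNED_AT}; x={REMOVAL}; b=Q09OU1RSVUNURUQ=")
NO_X = f"a=rsa-sha256; d=example.com; s=sel1; t={SIGNED_AT}; b=Q09OU1RSVUNURUQ="

if __name__ == "__main__":
    late = SIGNED_AT + 10 * DAY          # mailbox fetched ten days after signing
    for label, hdr in (("with x=", WITH_X), ("without x=", NO_X)):
        print(label, "->", outcome(hdr, late, REMOVAL))
    print("x= needed:", needs_x(SIGNED_AT, REMOVAL))
```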