Steve Atkins wrote:
In other words, given the pragmatics, how often is reasonable and
appropriate for changing keys?
I expect to see four varieties.
1) Never changes
2) Never changes except when someone realizes they've lost or
leaked the private key.
3) Changed monthly.
4) Cycled on a regular hourly or daily schedule with automatically
generated keys and expiration of DNS records for old keys running
on a custom stunt DNS server.
To the extent that the working group might wish to specify normative behavior, I
suspect that Choice #1 should be a MUST NOT and probably the same for #2.
Is #3 a comfortable choice, in terms of balance and effectiveness? Would a
different, simple choice be better?
#4 probably is some sort of ideal, but not reasonable to expect or press for.
d/
--
Dave Crocker
Brandenburg InternetWorking
<http://bbiw.net>
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
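An added example, not code from the thread or any DKIM implementation: a small planner for the "changed monthly" policy (#3) that also expires the old selector's DNS record after a grace period, as #4 describes. The selector naming scheme, the grace period and the domain are assumptions.

```python
# Constructed example: monthly DKIM selector rotation with expiry of the
# previous key's DNS record. Selector names, grace period and domain are
# assumptions, not anything the thread or a DKIM spec prescribes.
from datetime import date, timedelta
from typing import List, Tuple

GRACE_DAYS = 7  # assumption: how long the old key stays published after rotation


def selector_for(day: date) -> str:
    """One key per calendar month, selector named by year and month."""
    return f"{day.year:04d}{day.month:02d}"


def previous_month_start(day: date) -> date:
    """First day of the month before the one containing `day`."""
    first = day.replace(day=1)
    return (first - timedelta(days=1)).replace(day=1)


def selectors_to_publish(day: date, grace_days: int = GRACE_DAYS) -> List[str]:
    """Selectors whose _domainkey TXT records must exist on `day`.

    The current month's key signs outgoing mail. The previous month's key
    stays published for `grace_days` after rotation so signatures on mail
    still in transit or queued keep verifying; after that its record is
    dropped, which is what expires the old key for verifiers.
    """
    current = selector_for(day)
    days_since_rotation = (day - day.replace(day=1)).days
    if days_since_rotation < grace_days:
        return [selector_for(previous_month_start(day)), current]
    return [current]


def selectors_to_remove(day: date, grace_days: int = GRACE_DAYS) -> List[str]:
    """Selectors from the previous month whose grace period has ended."""
    previous = selector_for(previous_month_start(day))
    return [] if previous in selectors_to_publish(day, grace_days) else [previous]


def txt_record(domain: str, selector: str, pubkey_b64: str) -> Tuple[str, str]:
    """(owner name, rdata) for one selector's DKIM public-key TXT record."""
    return (f"{selector}._domainkey.{domain}", f"v=DKIM1; k=rsa; p={pubkey_b64}")
```

A rotation job would run `selectors_to_publish` and `selectors_to_remove` daily and reconcile the zone against the result; the signing side only ever uses `selector_for(today)`.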