Dave Crocker wrote:
Steve Atkins wrote:
In other words, given the pragmatics, how often is reasonable and
appropriate for changing keys?
I expect to see four varieties.
1) Never changes
2) Never changes except when someone realizes they've lost or
leaked the private key.
3) Changed monthly.
4) Cycled on a regular hourly or daily schedule with automatically
generated keys and expiration of DNS records for old keys running
on a custom stunt DNS server.
To the extent that the working group might wish to specify normative
behavior, I suspect that Choice #1 should be a MUST NOT and probably
the same for #2.
Is #3 a comfortable choice, in terms of balance and effectiveness?
Would a different, simple choice be better?
#4 probably is some sort of ideal, but not reasonable to expect or
press for.
Can I suggest that this is a better topic for the BCP? Making normative
requirements on operational issues is usually pushing on a string in the
best circumstances.
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
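Variety #4 above (automatically generated keys on a fixed schedule, with old DNS records expiring) and variety #2 (replacing a key that has leaked) are both described only in outline in the thread. The following is an added example, written for this page and not code from the thread or from any DKIM implementation, that models the two in Go: a new RSA key and a fresh selector every period, a grace window during which a superseded selector stays published so mail still in transit verifies, and explicit revocation of a leaked key by publishing an empty p= (which RFC 6376 section 3.6.1 defines as "revoked"). The Rotator type, the timestamp-derived selector names, the grace window, and the domain example.com are this example's assumptions; the TXT record layout (v=DKIM1; k=rsa; p=base64 DER SubjectPublicKeyInfo) is the one RFC 6376 specifies.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"encoding/base64"
	"fmt"
	"time"
)

// Rotator, the timestamp selector names and the grace window are this example's
// own assumptions; the thread only sketches scheduled rotation in outline.

// KeyRecord is one DKIM selector: the signing key and the TXT value published
// at <selector>._domainkey.<domain>. Private is nil once the key is revoked.
type KeyRecord struct {
	Selector string
	Created  time.Time
	Private  *rsa.PrivateKey
	TXT      string
}

// Rotator models variety #4: a new key every Period, and a superseded selector
// stays in DNS for Grace so mail still in transit keeps verifying.
type Rotator struct {
	Domain        string
	Period, Grace time.Duration
	Bits          int
	keys          []KeyRecord // oldest first; the last entry signs new mail
}

// Rotate generates a fresh key at now and renders it as a DKIM key record
// (RFC 6376 section 3.6.1: p= is the base64 DER SubjectPublicKeyInfo). The
// selector is the creation timestamp, so names never collide and sort in order.
func (r *Rotator) Rotate(now time.Time) (KeyRecord, error) {
	priv, err := rsa.GenerateKey(rand.Reader, r.Bits)
	if err != nil {
		return KeyRecord{}, err
	}
	der, err := x509.MarshalPKIXPublicKey(&priv.PublicKey)
	if err != nil {
		return KeyRecord{}, err
	}
	txt := "v=DKIM1; k=rsa; p=" + base64.StdEncoding.EncodeToString(der)
	rec := KeyRecord{Selector: now.UTC().Format("20060102t1504"), Created: now, Private: priv, TXT: txt}
	r.keys = append(r.keys, rec)
	return rec, nil
}

// Expire drops every selector that was superseded more than Grace ago (never
// the newest) and returns the names that should now be removed from DNS.
func (r *Rotator) Expire(now time.Time) []string {
	var dropped []string
	var keep []KeyRecord
	for i, k := range r.keys {
		if i+1 < len(r.keys) && !now.Before(r.keys[i+1].Created.Add(r.Grace)) {
			dropped = append(dropped, k.Selector)
		} else {
			keep = append(keep, k)
		}
	}
	r.keys = keep
	return dropped
}

// Revoke covers variety #2 (a leaked private key): rather than deleting the
// record it publishes an empty p=, which RFC 6376 defines as "revoked", so
// verifiers see an explicit revocation instead of a vanished record.
func (r *Rotator) Revoke(selector string) bool {
	for i := range r.keys {
		if r.keys[i].Selector == selector {
			r.keys[i].TXT, r.keys[i].Private = "v=DKIM1; k=rsa; p=", nil
			return true
		}
	}
	return false
}

// Zone returns what DNS should currently contain, keyed by TXT owner name.
func (r *Rotator) Zone() map[string]string {
	zone := make(map[string]string, len(r.keys))
	for _, k := range r.keys {
		zone[k.Selector+"._domainkey."+r.Domain] = k.TXT
	}
	return zone
}

func main() {
	// Daily rotation with a seven-day grace window, run forward ten days.
	r := &Rotator{Domain: "example.com", Period: 24 * time.Hour, Grace: 7 * 24 * time.Hour, Bits: 2048}
	now := time.Date(2024, 3, 1, 0, 0, 0, 0, time.UTC)
	for day := 0; day < 10; day++ {
		if _, err := r.Rotate(now); err != nil {
			panic(err)
		}
		r.Expire(now)
		now = now.Add(r.Period)
	}
	for name, txt := range r.Zone() { // 8 names: today's signer plus seven days of grace
		fmt.Printf("%s TXT %.30s...\n", name, txt)
	}
}
```

The grace window is the operational knob the thread is really arguing about: it must exceed the longest plausible delivery delay for mail signed with the old selector, or rotation itself causes verification failures. Revoke keeps the selector resolvable on purpose; a verifier that finds no record at all cannot distinguish a rotated-away key from a misconfigured one, while an empty p= is an unambiguous signal.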