Doug,
Douglas Otis wrote:
If 7 days provides for the SMTP transport, and people in Sweden and
France want to verify messages following their 5 week vacation, then
this would require a minimum of 42 days of key availability. The
suggestion for 45 days provided an additional 3 days to assure
availability following such a vacation.
Eh... That's nonsense. You may as well say that if I choose to stay
offline for a year, then everyone has to abide by that and leave
keys lying about until I'm back.
If you knew the distribution of transit times based on some
reasonable sample, then I'd listen. Presumably there's a bell
curve in there and we could argue about how many std. devs. to
ask signers to take into account. Anything less soundly based
is only as good as our charter, i.e. "a few days at most" so
we may as well stick with that.
Ostensibly non-arbitrary vacation rules don't count. The fact
that you forgot maternity/paternity/parental leave e.g. in
Bayern or Ireland and the fact that those durations differ and
change outside the control of the IETF are all exceptionally
good indicators that you're basically way off base.
The real point is that there is no required correlation
between x= and the duration for which a key is made
available (!= being available) in DNS. There are many
reasons why x= can be in the future but yet no key is
available to check a signature. Endless argument about
some subset of those is unproductive.
So, let's move on. This is a useless dead-end.
Stephen.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html