On May 22, 2006, at 3:28 PM, Stephen Farrell wrote:
So 4:0 for trying this for a few weeks. Barring a change in
that I guess we should go for it, starting this Thursday
at 1500 UTC (1600 Dublin, 1100 New York etc.) for 90 minutes.
Agenda is a continuation of issue processing. Will try to
update list beforehand.
It could be helpful for details related to the algorithm's
representation in the binary key be posted for review. Resolving the
method of representation should allay some possible concerns.
The review of a strategy for using a key deprecation flag should also
be possible. Once there is an assured method to confirm an unknown
algorithm is currently offered by a signing domain, detecting removal
of a non-deprecated signature during a transition is possible. A
signed message must contain at least one non-deprecated signature
where the algorithm, even though unsupported by the verifier, must
still be confirmed as supported by the signing domain in the
referenced key. Without such a strategy, an opportunity to exploit a
deprecated algorithm continues over the entire duration for a
complete transition to occur, even in cases where both the signing
and the verifying domains supported a newer non-exploited algorithm.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html