Doug,
Douglas Otis wrote:
On May 22, 2006, at 3:28 PM, Stephen Farrell wrote:
So 4:0 for trying this for a few weeks. Barring a change in
that I guess we should go for it, starting this Thursday
at 1500 UTC (1600 Dublin, 1100 New York etc.) for 90 minutes.
Agenda is a continuation of issue processing. Will try to
update list beforehand.
It could be helpful for details related to the algorithm's
representation in the binary key be posted for review. Resolving the
method of representation should allay some possible concerns.
The review of a strategy for using a key deprecation flag should also be
possible. Once there is an assured method to confirm an unknown
algorithm is currently offered by a signing domain, detecting removal of
a non-deprecated signature during a transition is possible. A signed
message must contain at least one non-deprecated signature where the
algorithm, even though unsupported by the verifier, must still be
confirmed as supported by the signing domain in the referenced key.
Without such a strategy, an opportunity to exploit a deprecated
algorithm continues over the entire duration for a complete transition
to occur, even in cases where both the signing and the verifying domains
supported a newer non-exploited algorithm.
If you have a new technical issue, then create a new thread as discussed
previously. If its already in Eliot's list, then reference the number.
Technical comment in a thread about jabbering will be missed later.
Stephen.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html