At 2:09 PM -0700 5/25/06, Douglas Otis wrote:
A section may prove useful explaining how a new signature algorithm
should be rapidly deployed while also avoiding disruption. (Handling
a worst-case scenario.)
This would be useful for any protocol in the Security area.
The issues to cover while assuming use of non-updated verifiers are:
1) Expectations of a domain's messages being signed, when new
algorithms are ignored.
2) Selection of a signature when more than one is available from the
same domain.
3) Differentiating between unimplemented and spoofed algorithms
during a transition phase.
We can't judge the value of the section unless it is fully written out.