ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] Delegating responsibility: a make vs. buy design decision

2006-08-23 10:51:05
from [Michael Thomas] [Permanent Link] 
Dave Crocker wrote:


Wietse Venema wrote:
> There is no need for the signing party to acquire a secret key

from the author party. To delegate signing from example.com
to isp.com, with d=example.com as a first-party signature:


There is an administrative choice, here.  One can delegate a zone or delegate a
private key.  The former is more simple, for on-going administrative, but it
leaves less control in the hands of the domain owner.
Just to be absolutely pedantic here, it's better to *enroll* the public key vs. 
delegating a private key. That said, I agree with what Dave says here.

      Mike
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] Delegating responsibility: a make vs. buy design decision, Dave Crocker
Next by Date:  Re: [ietf-dkim] Keys vs. Reputation, Jon Callas
Previous by Thread:  Re: [ietf-dkim] Delegating responsibility: a make vs. buy design decision, Dave Crocker
Next by Thread:  Re: [ietf-dkim] Delegating responsibility: a make vs. buy design decision, Scott Kitterman
Indexes:  [Date] [Thread] [Top] [All Lists]