On Sat, 30 May 2009 18:12:47 +0100, Dave CROCKER <dhc(_at_)dcrocker(_dot_)net>
wrote:
This note is intended to anchor a discussion thread for discusses one of
those
features, namely:
DKIM-Signature Header tags
x: Signature expiration
Expiration is a fairly common feature in signing specifications. But
DK and DKIM are different in that the public key is not distributed to
others, it's always under the control of the signer. Does this add
anything that removing the DNS TXT record doesn't do? Is it used? Is
it necessary?
OTOH, there might well be other applications, built on top of DKIM for as
yet totally unforeseen purposes, which might need to specify other (longer
term) means of establishing the public key, and for such applications the
x tag might well be needed.
There is nothing inherent in the basic DKIM protocol that would prevent
such extensions in the future, so do not close them off prematurely.
I know of (at least) 3 different and mutually incompatible systems for
signing headers in regular use, and DKIM is merely the latest of them. I
would not like to see people to be forced to invent fourth and fifth
systems, just because DKIM has painted itself into some unnecessary corner.
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Web: http://www.cs.man.ac.uk/~chl
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html