On Jun 1, 2009, at 3:24 AM, Charles Lindsey wrote:
On Sat, 30 May 2009 18:12:47 +0100, Dave CROCKER <dhc(_at_)dcrocker(_dot_)net> wrote:
This note is intended to anchor a discussion thread for discussing one of those features, namely:
DKIM-Signature Header tags
x: Signature expiration
Expiration is a fairly common feature in signing specifications. But DK and DKIM are different in that the public key is not distributed to others, it's always under the control of the signer. Does this add anything that removing the DNS TXT record doesn't do? Is it used? Is it necessary?
OTOH, there might well be other applications, built on top of DKIM for as yet totally unforeseen purposes, which might need to specify other (longer term) means of establishing the public key, and for such applications the x tag might well be needed.
In which case it can be added by the RFC that extends DKIM to non-DNS based key distribution. That RFC will be needed anyway, for anything other than DNS-based distribution to be used.
There is nothing inherent in the basic DKIM protocol that would prevent such extensions in the future, so do not close them off prematurely.
I know of (at least) 3 different and mutually incompatible systems for signing headers in regular use, and DKIM is merely the latest of them. I would not like to see people be forced to invent fourth and fifth systems, just because DKIM has painted itself into some unnecessary corner.
Cheers,
Steve
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
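
As an added illustration of the tag under discussion (not code from any poster in this thread): a verifier-side check of the `x=` tag, which is evaluated from the header alone, whereas withdrawing a key takes effect through the signer's DNS record. The sample header is constructed, and the function names and status strings are assumptions made for this example.

```python
import re
import time

# Constructed sample DKIM-Signature value (not from the thread);
# the bh= and b= values are placeholders, not real hashes or signatures.
SAMPLE = (
    "v=1; a=rsa-sha256; c=relaxed/simple; d=example.com; s=sel2009;\r\n"
    "\tt=1243814400; x=1244419200; h=from:to:subject:date;\r\n"
    "\tbh=PLACEHOLDER; b=PLACEHOLDER"
)

TAG_NAME = re.compile(r"[A-Za-z][A-Za-z0-9_]*")
TIMESTAMP = re.compile(r"[0-9]{1,12}")  # unsigned decimal, at most 12 digits


def parse_tags(value):
    """Split a DKIM-Signature header value into a {tag: value} dict."""
    tags = {}
    for part in value.split(";"):
        if not part.strip():
            continue  # a trailing ';' is permitted
        name, sep, val = part.partition("=")
        name = name.strip()  # also drops folding whitespace (CRLF + tab)
        if not sep or not TAG_NAME.fullmatch(name):
            raise ValueError(f"malformed tag: {part!r}")
        if name in tags:
            raise ValueError(f"duplicate tag: {name}")
        tags[name] = val.strip()
    return tags


def expiration_status(tags, now=None):
    """Classify the signature's x= tag relative to the verification time."""
    now = int(time.time()) if now is None else int(now)
    x = tags.get("x")
    if x is None:
        return "no-expiration"  # x= is optional; the default is no expiry
    if not TIMESTAMP.fullmatch(x):
        return "malformed"
    t = tags.get("t")
    if t is not None:
        # The DKIM spec requires x= to be greater than t= when both appear.
        if not TIMESTAMP.fullmatch(t) or int(x) <= int(t):
            return "malformed"
    return "expired" if now > int(x) else "valid"


if __name__ == "__main__":
    print(expiration_status(parse_tags(SAMPLE)))
```
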