On 6/2/09 7:41 PM, Murray Kucherawy wrote:
So if a=rsa-sha256, then the key I get from issuing a query based on s= and
d= will be an RSA key, or it will fail to verify. What k= offers is somewhat
redundant except for the fact that I can avoid the crypto overhead if I can
detect early on that it won't work anyway.
That's an important point, in the case of a DOS attack. The next
question is whether anybody implements it as such?
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html