Re: [ietf-dkim] Key rotation

Mark Delany wrote:

I believe the general thrust is that DKIM keys are ephemeral
so no one should rely on there long-term presence. [...]


With each key there is an associated selector:domain pair,
so with a key rotation comes the change of a selector.
Such a purpose of a selector is clearly documented in the
DKIM rfc.

Rumor has is that some large players (such as Yahoo!) are
disregarding such ephemeral property of a selector and
are trying to associate a reputation scheme based on both
the domain *and* the selector. If such approach catches up,
it would mean the end of a free choice of domains to roll up
new signing keys periodically.

Are my worries warranted? Is there anything than can be
done about it to prevent such practice?

  Mark
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	Re: [ietf-dkim] draft-ietf-dkim-mailinglists-02 review, Hector Santos
Next by Date:	Re: [ietf-dkim] Key rotation, MH Michael Hammer (5304)
Previous by Thread:	Re: [ietf-dkim] Key rotation, Hector Santos
Next by Thread:	Re: [ietf-dkim] Key rotation, MH Michael Hammer (5304)
Indexes:	[Date] [Thread] [Top] [All Lists]