ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Last call comment: Changing the g= definition

2010-10-15 13:15:28
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org 
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Jim Fenton
Sent: Friday, October 15, 2010 10:25 AM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] Last call comment: Changing the g= definition

Given the lack of (useful) deployment of g=, and the consensus to move
away from using actual mailbox addresses in the local-part of i= (which
means that g= is matching with, potentially, an opaque value), I
support this.

However, we still need to caution DKIM signers deploying DKIM that they
need to make sure that their selector records don't contain empty g=
values, because there will be verifiers that check g= for a very long
time.  As I said before, my preference is to put that advice directly in
4871bis, in order to make sure that it is seen.

I think we'll need an IANA action to do the following:

- add a column to the key tag registry indicating current status (and declare 
valid status values)
- set a status for everything currently in the registry, including changing 
"g=" to "obsolete"

And we need an informative appendix detailing that "g=" was removed for lack of 
deployment use, plus the cautionary point you just made.

Does that sound right?


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html