ietf-dkim

Re: [ietf-dkim] Proposed documentation split between DKIM and "DOSETA"

2011-01-13 04:43:55
On Wed, 12 Jan 2011 17:10:52 -0000, Dave CROCKER <dhc(_at_)dcrocker(_dot_)net> 
wrote:

This raises a specific and interesting technical point.  I haven't seen a
response so far, so...

The core of this technology has keys that are named and accessed in terms of
domain names.  It really is fundamental to this technical approach.

I don't see how that can be so.

The fundamental core of this technology is a mechanism for constructing a  
hash covering a named selection of headers and a body, coupled with some  
canonicalization rules, and incorporating that into a signature header  
using some well-known algorithm such as rsa (but allowing for others).

The question of making the public key available is entirely orthogonal to  
that core protocol. The DNS mechanism is fine for some applications,  
especially where the lifetime of the signature is at most a few weeks. But  
other means of publicising (and especially of authenticating) public keys  
are also in widespread current use and there is nothing in the core  
protocol that would prevent their use in other applications where they  
were more suitable.

So DOSETA should provide for multiple plug-in key storage mechanisms in  
just the same way as it provides for multiple plug-in canonicalizations.  
By all means include the current DNS method as plug-in-key-management #1.

-- 
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131                       Web: http://www.cs.man.ac.uk/~chl
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk      Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9      Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
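
The separation argued for in the message above, as an added example that is not part of the original post or of any DKIM/DOSETA specification: the digest over the named headers and body is computed with no reference to where the key lives, and the key is fetched by a plug-in chosen by name, as DKIM's `q=` tag does for `dns/txt`. The toy RSA key, the `x-keyring` method, both lookup tables and the sample message are constructed assumptions, and the digest layout is simplified from RFC 6376.

```python
import base64, hashlib, re

# DigestInfo prefix for SHA-256 in EMSA-PKCS1-v1_5 (RFC 8017, section 9.2)
PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")
# Constructed toy RSA key built from two Mersenne primes: demo only, never real use
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))

def relaxed_header(name, value):
    # RFC 6376 3.4.2: lowercase the name, unfold, collapse runs of whitespace
    value = re.sub(r"[ \t]+", " ", value.replace("\r\n", "")).strip()
    return f"{name.lower()}:{value}\r\n".encode()

def simple_body(body):
    # RFC 6376 3.4.3: drop trailing empty lines, end with exactly one CRLF
    return re.sub(rb"(\r\n)*\Z", b"", body) + b"\r\n"

def encoded_digest(headers, names, body, n):
    # Core step: hash the named headers plus the body hash; no key lookup here.
    # Simplified layout: real DKIM also hashes the signature header itself.
    bh = base64.b64encode(hashlib.sha256(simple_body(body)).digest())
    data = b"".join(relaxed_header(h, headers[h]) for h in names) + b"bh=" + bh
    digest = hashlib.sha256(data).digest()
    pad = b"\xff" * ((n.bit_length() + 7) // 8 - 3 - len(PREFIX) - len(digest))
    return int.from_bytes(b"\x00\x01" + pad + b"\x00" + PREFIX + digest, "big")

# Key retrieval plug-ins, selected by method name. Both tables are constructed
# stand-ins for a real lookup; "x-keyring" is a hypothetical second method.
DNS_TXT = {"sel1._domainkey.example.org": (N, E)}
KEYRING = {"example.org/sel1": (N, E)}
RESOLVERS = {
    "dns/txt": lambda d, s: DNS_TXT.get(f"{s}._domainkey.{d}"),
    "x-keyring": lambda d, s: KEYRING.get(f"{d}/{s}"),
}

def verify(headers, names, body, sig, domain, selector, method):
    resolver = RESOLVERS.get(method)
    key = resolver(domain, selector) if resolver else None
    if key is None:
        return False  # unknown method or missing key: fail closed
    n, e = key
    return pow(sig, e, n) == encoded_digest(headers, names, body, n)

# Constructed sample message, signed once with the toy private exponent
HEADERS = {"From": "Alice  <alice@example.org>", "Subject": "plug-in\r\n keys"}
NAMES, BODY = ["From", "Subject"], b"hello\r\n\r\n"
SIG = pow(encoded_digest(HEADERS, NAMES, BODY, N), D, N)
```

The same `SIG` verifies through either resolver, because only `verify` touches key retrieval.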
