-----BEGIN PGP SIGNED MESSAGE-----
On Oct 27, 2016, at 9:55 PM, Dave Crocker <dcrocker(_at_)gmail(_dot_)com>
On 10/28/2016 12:29 AM, Jon Callas wrote:
The full discussion is pretty nuanced, and I think the relevant part here is
that if an administrative domain wants to protect the privacy of its users,
it should be using *smaller* DKIM keys, not larger ones. I think I could
convincingly argue that a privacy-friendly email provider is better off
using 512 bit keys (where there's a chance of spam forgery) than 4K keys
(where there's a chance of ruining the privacy of the customers).
Not just nuanced, but also counter-intuitive (at least to me)
It would be well worth having a stable pointer to a discussion that lays this
out carefully and compellingly.
Okay. How should I do that?
-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 3.3.0 (Build 9060)
-----END PGP SIGNATURE-----
NOTE WELL: This list operates according to