Re: Pre-picking one solution (Re: [ietf-dkim] Re: WG Review: Domain Keys Identified Mail) (dkim)

["william(at)elan.net" <william at elan.net>]

On Thu, 22 Dec 2005, Barry Leiba wrote:

> Actually, the DKIM base spec does provide a mechanism for replacing the
> DNS keystore with something else.  Look at 1.4 for a general statement,
> and the description of the "q=" tag in 3.5.  DKIM's intended to be able
> to support user-level keys in a future version (there's some discussion
> of that in appendix A), and its design is set up specifically not to
> prevent that.

The spec basicly says that you must support DNS public key distribution
and authorization; that something else may also be added later will not 
change requirement for pki in dns and will only be usefull for those
who can support it as alternative way to retrieve the key (which means
the key would still need to be made available through dns for those who
do not).

It is really no brainer to see that if we have several authorization 
meachanisms a set of them would have to be done as a required for those
creating implementation in order for them to be used and that means 
working on all that as part of the main work on the system and
releasing together with other documents on the signature system.

--
William Leibzon
Elan Networks
william at elan.net

_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf