[ietf-dkim] over-the-wire (in)compatibility between pre-IETFDKIM
and (eventual) IETF DKIM
Arvel Hathcock
arvel at altn.com
Mon Oct 17 11:12:22 PDT 2005
Ok, Dave has stated some of my concerns in a much better way than I could
have. To underscore this:
> We aren't telling folks how to add the new DNS information, but we *are*
> deciding to use the existing installed admin and ops base of experience
> for the query service.
>
> Choosing DNS as the query service was a significant, strategic benefit
> because it re-uses existing admin and ops methods.
Correct and to put an even finer point on it; we deliberately intended to
re-use the existing installed base of DK keys with DKIM which I think is
just massively important (as I keep saying, sorry to bore everyone). It
minimizes the need for re-issuance of public keys (which for end-users is a
great thing) and it brings Yahoo that much closer to being the first large
ISP to start signing with DKIM (note, I do not speak for Yahoo; this is just
my assessment of the situation). I hope that even the engineering "purists"
amongst us can see the tactical and strategic advantages (dare I say, the
"politics") of something like that. It is a relatively small thing that
could go a long way toward gaining critical mass for something like DKIM.
> That is, they should be able to take the new IETF DKIM specifications,
> implement it, and be able to process original DKIM signatures.
Wow, that would be wonderful too.
--
Arvel
More information about the ietf-dkim
mailing list