No new PKIs! (was: Re: [ietf-dkim] agenda item on upgrading hash algorithms?)

Mark Delany MarkD+dkim at yahoo-inc.com
Wed Feb 22 17:30:31 PST 2006


On Wed, Feb 22, 2006 at 05:11:37PM -0800, Douglas Otis allegedly wrote:

> Using this #37 RR was not a suggestion for developing yet another  
> PKI.  This was suggesting the use of a DNS resource record defined by  
> RFC2538.
> 
> This RR imposes this header:
> 
>   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>   |             type              |             key tag           |
>   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>   |   algorithm   |                                               /
>   +---------------+

Right. A blob container. I see no functional difference from TXT.

Do you propose extending RFC2538 to support the plethora of tags
currently defined in Selectors or do you want to hide those in the
blob?

If you plan extension, do you have the support of the 2538 authors?

If you plan blobs, are you certain that matches the intent of the 2538
authors or have you not consulted them?


Mark.
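The following is an added example, not part of the original message or of any DKIM implementation. It parses the fixed RFC 2538 CERT RDATA header quoted above (type, key tag, algorithm) and shows that whatever follows reaches the caller as undifferentiated bytes, so Selector tags carried there still need a tag=value parser. The sample record, its header values, and the function names are constructed for illustration.

```python
import struct

# Fixed part of RFC 2538 CERT RDATA: 16-bit type, 16-bit key tag, 8-bit algorithm.
CERT_HEADER = struct.Struct("!HHB")


def parse_cert_rdata(rdata: bytes) -> dict:
    """Split CERT RDATA into its three header fields and the trailing blob."""
    if len(rdata) < CERT_HEADER.size:
        raise ValueError("CERT RDATA shorter than the 5-byte fixed header")
    cert_type, key_tag, algorithm = CERT_HEADER.unpack_from(rdata)
    return {
        "type": cert_type,
        "key_tag": key_tag,
        "algorithm": algorithm,
        "blob": rdata[CERT_HEADER.size:],  # opaque to the DNS layer
    }


def parse_tag_list(text: str) -> dict:
    """Parse a Selector-style 'tag=value; tag=value' list, rejecting duplicates."""
    tags = {}
    for part in text.split(";"):
        part = part.strip()
        if not part:
            continue  # tolerate a trailing ';'
        name, sep, value = part.partition("=")
        name = name.strip()
        if not sep or not name:
            raise ValueError(f"malformed tag: {part!r}")
        if name in tags:
            raise ValueError(f"duplicate tag: {name!r}")
        tags[name] = value.strip()
    return tags


# Constructed sample: a Selector-style tag list, and the same text carried as
# the blob of a CERT record. 4660 is an arbitrary, unassigned type value.
SAMPLE_SELECTOR = "k=rsa; t=y; p=QUJDRA=="
SAMPLE_RDATA = CERT_HEADER.pack(4660, 0, 0) + SAMPLE_SELECTOR.encode("ascii")

if __name__ == "__main__":
    record = parse_cert_rdata(SAMPLE_RDATA)
    print(record["type"], record["key_tag"], record["algorithm"])
    # The header says nothing about the tags; they must be parsed from the blob.
    print(parse_tag_list(record["blob"].decode("ascii")))
```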

