[ietf-dkim] CNAME's
Eliot Lear
lear at cisco.com
Wed Jul 5 11:29:03 PDT 2006
Michael Thomas wrote:
> 1) The benefits in general
Consolidation of multiple domains to a single key record. Useful when
contracting out signing, wouldn't you think?
> 2) The security implications of the base DKIM mechanism (ie, is the
> delegation
> model still correct, what about key rollover, etc, etc).
You own the domain. If you CNAME over to somebody else you're trusting
them.
> 3) The unintended security implications (loops, dos, amplification...)
Dunno. Mark's points apply.
Eliot
More information about the ietf-dkim
mailing list