[ietf-dkim] RFC4871bis - whether to drop -- x: Signature expiration

Charles Lindsey chl at clerew.man.ac.uk
Mon Jun 1 03:24:10 PDT 2009


On Sat, 30 May 2009 18:12:47 +0100, Dave CROCKER <dhc at dcrocker.net> wrote:

> This note is intended to anchor a discussion thread for discussing one of
> those features, namely:
>
>
>>    DKIM-Signature Header tags
>>
>>      x: Signature expiration
>>
>> Expiration is a fairly common feature in signing specifications. But
>> DK and DKIM are different in that the public key is not distributed to
>> others, it's always under the control of the signer. Does this add
>> anything that removing the DNS TXT record doesn't do? Is it used? Is
>> it necessary?

OTOH, there might well be other applications, built on top of DKIM for as  
yet totally unforeseen purposes, which might need to specify other (longer  
term) means of establishing the public key, and for such applications the  
x tag might well be needed.

There is nothing inherent in the basic DKIM protocol that would prevent  
such extensions in the future, so do not close them off prematurely.

I know of (at least) 3 different and mutually incompatible systems for
signing headers in regular use, and DKIM is merely the latest of them. I
would not like to see people forced to invent fourth and fifth
systems, just because DKIM has painted itself into some unnecessary corner.

-- 
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131                          Web: http://www.cs.man.ac.uk/~chl
Email: chl at clerew.man.ac.uk      Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9      Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5

