[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: QUERY: Key Server Choices

To: Arvel Hathcock <arvel@xxxxxxxx>
Subject: Re: QUERY: Key Server Choices
From: Tony Finch <dot@xxxxxxxx>
Date: Wed, 3 Aug 2005 22:52:05 +0100
Cc: IETF MASS WG <ietf-mailsig@xxxxxxx>
In-reply-to: <>
List-archive: <http://www.imc.org/ietf-mailsig/mail-archive/>
List-id: <ietf-mailsig.imc.org>
List-unsubscribe: <mailto:ietf-mailsig-request@imc.org?body=unsubscribe>
References: <> <> <>
Sender: owner-ietf-mailsig@xxxxxxxxxxxx

On Tue, 26 Jul 2005, Arvel Hathcock wrote:
>
> There will definitely be an HTTP based key-fetching mechanism someday for
> use with DKIM.  It's beneficial especially for customers like mine who are
> SMB organizations without direct access or special knowledge about DNS.
> Imagine trying to do per-user keys or even per-domain keys that expire
> frequently using DNS as the key server.  Now imagine having to do that for a
> company that doesn't run it's own DNS and has to ask their ISP every time
> they want a change.

I expect that there will be special DKIM-keyserver-specific DNS servers
which will automate the management job, so the only configuration at the
ISP would be an NS record to delegate the _domainkey sub-zone parallel to
the domain's MX record, and this is a one-off admin job.

Tony.
-- 
f.a.n.finch  <dot@xxxxxxxx>  http://dotat.at/
BISCAY: WEST 5 OR 6 BECOMING VARIABLE 3 OR 4. SHOWERS AT FIRST. MODERATE OR
GOOD.

References:
- QUERY: Key Server Choices
  - From: Dave Crocker
- Re: QUERY: Key Server Choices
  - From: wayne
- Re: QUERY: Key Server Choices
  - From: Arvel Hathcock

Prev by Date: Re: Comments on draft-allman-dkim-base-00.txt
Next by Date: replay attacks, was Re: revised Proposed Charter
Previous by thread: Re: QUERY: Key Server Choices
Next by thread: Re: QUERY: Key Server Choices
Index(es):
- Date
- Thread