- From: Cyrus Daboo <cyrus@daboo.name>
- Date: Fri, 25 Mar 2011 16:41:15 -0400
- To: Bill Burke <bburke@redhat.com>, Eran Hammer-Lahav <eran@hueniverse.com>
- cc: Mark Nottingham <mnot@mnot.net>, "Thomson, Martin" <Martin.Thomson@commscope.com>, HTTP Working Group <ietf-http-wg@w3.org>
Hi Bill, --On March 25, 2011 3:33:40 PM -0400 Bill Burke <bburke@redhat.com> wrote: > The only thing I worry about DKIM is that it imposes a key management > structure and infrastructure? The users I deal with will probably want > to integrate with existing mechanisms to manage keys and look them up and > to verify identity (which will probably be different per user). Specially > I want to apply this protocol to enterprise based systems rather than the > typical Google/Yahoo/Twitter kind of thing. A DKIM expert will need to speak up to confirm this, but I believe the key management piece is extensible. i.e. right now it defines a DNS-based mechanism, but I think you can extend it with others. The choice is advertised as one of the attributes in the DKIM header. I have also been told that there will be a presentation at the Apps Area meeting next week on how DKIM can be used for general application security issues as described in <https://datatracker.ietf.org/doc/draft-crocker-dkim-doseta/>. So you might want to check that out. -- Cyrus Daboo
Received on Friday, 25 March 2011 20:41:20 UTC