I was looking over rfc 4871 and emailed Eric who suggested I ask the question of you all on this DL. So, I was wondering if any of the RCSs related to DKIM list a best practice, or if some other authority has given a best practice, regarding how often the keys should be changed? It seems that best practice is every 6 months, but it would be nice for an authority to state so. Of course, an acceptable answer is 'it depends' upon the security needs to the organization, but is if that is the answer - it depends - is there a minimum time frame for generating new keys?
Shana Bagherian CISSP, MBA, MCSE Senior Infrastructure/Security Architect, Triden Group "Where Security Protects Innovation" 9823 Pacific Heights Blvd Suite H, San Diego, CA 92121 [email protected] www.tridengroup.com Note: This e-mail message including any attachments of any type are covered by the Electronic Communications Privacy Act, is confidential and may include legally protected information. if you are not the intended recipient or you have received this e-mail message by mistake, please notify the sender you have received this e-mail by mistake and delete all information contained in and attached to this email. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. v20190718
_______________________________________________ Ietf-dkim mailing list [email protected] https://www.ietf.org/mailman/listinfo/ietf-dkim
