On 2020-08-07 5:53 a.m., Mark Delany wrote:
> On 06Aug20, Dave Crocker allegedly wrote:
>> M3AAWG DKIM Key Rotation Best Common Practices
>> (revised March 2019)
>>
>> https://www.m3aawg.org/DKIMKeyRotation
>
> Luckily the tl;dr is in the first line. Phew! Quite the read :-)
Section 5.1.3 "Rotating Keys" is also worth reading, as it discusses
setting an empty p=.
> It seems that both Maawg and letsencrypt are both pro-automation. I
> think that's the biggest take-away for the OP.
That paper doesn't mention publishing the private key some time after
public key revocation. Someone suggested to do so to avoid the
Clinton effect.
Best
Ale
--
_______________________________________________
Ietf-dkim mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ietf-dkim
