On Wed, Dec 14, 2022 at 4:47 PM Grant Taylor <gtaylor= [email protected]> wrote:
> > That way if ~> when the ESP needed to cancel a client's service, the ESP > could also withdraw the client's public key in the ESP's zone(s) thereby > breaking the DKIM signature by rendering it unvalidatable. I'd think > that this would largely comedown to a TTL issue on the DKIM's public key > record in DNS and implementation complexity. > > What am I failing to take into account? > Generally: x= is automatic and will usually be faster, and requires no engineering effort to build out the key management service, and no ongoing operational/maintenance/infrastructure costs. Looks like a lot of complexity for little to no benefit over x=.
_______________________________________________ Ietf-dkim mailing list [email protected] https://www.ietf.org/mailman/listinfo/ietf-dkim
