On Wed, 2005-08-10 at 04:12 +0000, John Levine wrote:
> Mostly agree with Phill's note, except ...
>
> > As I argue in a separate email it is not necessary to have per-user
> > key records to have the ability to perform per-user revocation. In
> > fact all you need to do is to issue per-user records for the users
> > you want to revoke.
>
> Your hash and wildcard trick works great if the signatures are all
> applied by an MTA under the control of the domain's management. But
> if you let roaming users sign their own mail in the MUA, you really
> need to give each potentially untrustworthy user a separate key.

True.

> Otherwise a malicious user could simply use a random selector and the
> same key, since recipients don't know what selector is supposed to
> match what user, and the DNS wildcard matches any selector that hasn't
> been explicitly voided. To turn off the user, you need to turn off
> every selector that uses his key, which means that the user needs a
> different key from other people.

Assume remote users are few and given a private key that only works for a
specific selector. Each lookup will be generating a key, not per user, but
per message in this case. The DNS cache will be hit very hard. The wildcard
record can not be cached. This also requires additional lookups of the
wildcard record by counting labels with DNSSEC. This approach appears to be
very unforgiving to the recipient, while perhaps easy to publish for the
sender.

-Doug

_______________________________________________
ietf-dkim mailing list
[email protected]
http://mipassoc.org/mailman/listinfo/ietf-dkim
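The mechanics the two messages above argue about (a wildcard `*._domainkey` record answering every selector, an explicit empty record shadowing the wildcard to void one selector, and the cost of a fresh selector per message at the verifier's cache) can be shown with a small model. The following is an added example written for this archive page, not code from the ietf-dkim thread or any DKIM implementation; the zone name `example.com`, the key strings, the hashed-selector scheme and the `CachingResolver` class are all constructed for illustration, and the "signature check" is reduced to comparing the key named in the record with the key the signer used.

```python
"""Toy model of DKIM selector lookup with a DNS wildcard key record.

Key records live at <selector>._domainkey.<domain>.  A wildcard record
*._domainkey.<domain> answers any selector with no explicit record; an
explicit record with an empty key ("p=" empty in DKIM terms) voids that
one selector, because an existing owner name always shadows the wildcard.
All names and key strings below are constructed placeholders.
"""
import hashlib

SHARED_KEY = "pubkey-shared-mta"        # constructed, stands in for a real p= value


def user_selector(localpart: str) -> str:
    """The 'hash trick': one selector per user, derived from the address."""
    return hashlib.sha256(localpart.encode()).hexdigest()[:16]


class Zone:
    """Authoritative data: explicit selector records plus one wildcard."""

    def __init__(self, domain: str, wildcard_key: str):
        self.domain = domain
        self.records: dict[str, str] = {}   # selector -> key ("" = revoked)
        self.wildcard_key = wildcard_key

    def revoke(self, selector: str) -> None:
        # Publish an explicit, empty record; it shadows the wildcard for
        # this one name and a verifier will treat the key as revoked.
        self.records[selector] = ""

    def lookup(self, selector: str) -> str:
        if selector in self.records:          # explicit name wins ...
            return self.records[selector]
        return self.wildcard_key              # ... else wildcard synthesis


class CachingResolver:
    """Counts authoritative queries so the cache effect is visible.

    A wildcard-synthesised answer is cached under the *queried* name, so a
    selector never seen before is always a miss that reaches the authority.
    """

    def __init__(self, zone: Zone):
        self.zone = zone
        self.cache: dict[str, str] = {}
        self.authoritative_queries = 0

    def resolve(self, selector: str) -> str:
        name = f"{selector}._domainkey.{self.zone.domain}"
        if name not in self.cache:
            self.authoritative_queries += 1
            self.cache[name] = self.zone.lookup(selector)
        return self.cache[name]


def verify(resolver: CachingResolver, selector: str, signing_key: str) -> bool:
    """Accept only if the published key is non-empty and matches the signer."""
    record = resolver.resolve(selector)
    return record != "" and record == signing_key


def run_scenarios() -> dict:
    zone = Zone("example.com", SHARED_KEY)
    r = CachingResolver(zone)
    alice, bob = user_selector("alice"), user_selector("bob")
    out = {}

    # 1. MTA signs for everyone with the shared key; void alice's selector.
    zone.revoke(alice)
    out["bob_after_revocation"] = verify(r, bob, SHARED_KEY)        # True
    out["alice_after_revocation"] = verify(r, alice, SHARED_KEY)    # False

    # 2. A signer holding the shared key and choosing its own selector is
    #    not reached by that revocation: the wildcard still answers.
    out["fresh_selector_shared_key"] = verify(r, "q7", SHARED_KEY)  # True

    # 3. A roaming MUA user gets a key of its own under an explicit selector;
    #    that key never matches the wildcard, so voiding the selector is final.
    zone.records["carol-mua"] = "pubkey-carol-only"
    out["carol_before"] = verify(r, "carol-mua", "pubkey-carol-only")    # True
    out["carol_fresh_selector"] = verify(r, "zz", "pubkey-carol-only")   # False
    zone.revoke("carol-mua")
    r.cache.clear()                            # model TTL expiry
    out["carol_after"] = verify(r, "carol-mua", "pubkey-carol-only")     # False

    # 4. Cache load: one fixed selector vs. a different selector per message.
    fixed, per_msg = CachingResolver(zone), CachingResolver(zone)
    for i in range(20):
        verify(fixed, bob, SHARED_KEY)
        verify(per_msg, f"m{i}", SHARED_KEY)
    out["queries_fixed_selector"] = fixed.authoritative_queries         # 1
    out["queries_per_message_selector"] = per_msg.authoritative_queries # 20
    return out


if __name__ == "__main__":
    for k, v in run_scenarios().items():
        print(f"{k}: {v}")
```

Scenario 4 is the verifier-side cost Doug describes: with one selector per message every lookup is a new owner name, so the resolver's cache never helps and each message turns into a query against the authoritative server, whereas a stable selector is fetched once per TTL.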
