On October 17, 2005 at 16:10, Stephen Farrell wrote:

> >> PS: I still didn't hear much about what specific parallel scenarios
> >> we'd like to support btw. e.g. if a single message can have both new
> >> and old signatures from the same domain, do we require that the same
> >> public key be usable to verify both, or should we remain silent on
> >> that, or something else?
> >
> > If anything, I'd prefer that the same public key be required to verify
> > both.
>
> REQUIRED is probably too much in general, since I guess someone
> could have two implementations on different boxes with different
> h/w crypto support so that using the same private key wouldn't
> (always) be possible.

It may also be the case that different cryptographic algorithms are in use. For example, if something besides RSA becomes the norm, you may have an RSA-based signature and a XXX-based signature, each requiring a different key.

--ewh

_______________________________________________
ietf-dkim mailing list
http://dkim.org
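An added example, not part of the original message: how a verifier would locate the key for each of two parallel signatures from one domain, using the `d=`, `s=` and `a=` tags that DKIM later standardized in RFC 6376. The message, selector names and signature values are constructed, and Ed25519 (RFC 8463) stands in for the "XXX" algorithm.

```python
import email
from collections import defaultdict

# Constructed sample: two signatures from the same domain, one per algorithm,
# each naming its own selector. The bh= and b= values are dummies.
SAMPLE = (
    "DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=rsa2005;\n"
    "\tc=relaxed/simple; h=from:to:subject; bh=AAAA; b=BBBB\n"
    "DKIM-Signature: v=1; a=ed25519-sha256; d=example.com; s=ed2018;\n"
    "\tc=relaxed/simple; h=from:to:subject; bh=AAAA; b=CCCC\n"
    "From: alice@example.com\n"
    "To: bob@example.net\n"
    "Subject: parallel signatures\n"
    "\n"
    "body\n"
)

def parse_tags(value):
    """Split a DKIM-Signature header value into its tag=value pairs."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            name, _, val = part.partition("=")   # b= may itself contain '='
            tags[name.strip()] = "".join(val.split())  # drop folding whitespace
    return tags

def key_lookups(raw_message):
    """Per signing domain, list (key algorithm, DNS key name) for each signature."""
    msg = email.message_from_string(raw_message)
    by_domain = defaultdict(list)
    for value in msg.get_all("DKIM-Signature", []):
        t = parse_tags(value)
        if not all(k in t for k in ("a", "d", "s")):
            continue  # malformed signature: no key can be located
        key_alg = t["a"].split("-")[0]            # "rsa-sha256" -> "rsa"
        dns_name = f"{t['s']}._domainkey.{t['d']}".lower()
        by_domain[t["d"].lower()].append((key_alg, dns_name))
    return dict(by_domain)

def shares_one_key(lookups):
    """True if every signature in the list points at the same key record."""
    return len({name for _, name in lookups}) == 1

if __name__ == "__main__":
    for domain, lookups in key_lookups(SAMPLE).items():
        print(domain, lookups, "same key:", shares_one_key(lookups))
```

Because each signature names its own selector, the two signatures resolve to separate key records, so neither the same-key requirement nor a shared algorithm is needed for both to verify.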
