John Levine wrote: >> The other alternative to squeezing bits in a DNS record is providing a >> redirect to another service. >> > > Sure, but now you have the extra cost of another transaction. If you're > going to do that, you might as well invent another q= lookup scheme, > probably via HTTP, and use it directly. > Right... this is really where I was aiming. > It seems to me that since DKIM signatures are expected to have short > lifetimes and to have only moderate value, and that we've established > quite thoroughly that there is not yet an obvious successor to SHA-1, > it would be OK simply to note that we'll need something more secure in > the future and leave it at that.
How many times do you want to do this?! Eliot _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
