>On the other hand, I think only experience is going to dictate good >practice here. I doubt I would want to yank my keys for a message only >seven days after transit. I suspect I'd want people to be able to >verify my messages for several months, if possible.
What Eliot said. At this point, we have only hunches about signature and key lifetimes and anything else related to the pragmatics of using DKIM. So the only sensible approach is to leave the hunches out of the spec, and write some BCPs once we have enough experience to tell a BCP from a WCP. R's, John _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
