On Sep 9, 2010, at 11:12 AM, McDowell, Brett wrote:

> On Sep 4, 2010, at 9:31 PM, Steve Atkins wrote:
>
>> The whole point of rotating keys is so that loss of an old private key
>> isn't a risk. Given that, I think that even if you're fairly sure that a key
>> pair hasn't been compromised then you should remove the public
>> key as soon as is reasonable after you stop signing with the private
>> key - as the private key continues to be a high value target until
>> the public key is removed.
>>
>> Eight days is as short as I'm comfortable with, so that's as soon
>> as is reasonable for me.
>
> ...but what would be "as long as I'm comfortable with"? Have we seen DKIM
> private keys compromised due in large part to leaving the public keys in
> rotation for too long... and what was "too long" in those instances?

That question doesn't make any sense.

> I'd be surprised to discover many senders are rotating keys every eight days.

I didn't suggest rotating keys every eight days. Rather, I suggested leaving
the public keys in place for 8 days after removing the associated private key.

Cheers,
  Steve

_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
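The lifecycle Steve describes (stop signing and withdraw the private key, keep the public key in DNS for a short grace period so mail still in transit verifies, then delete the record because the private key remains a target for as long as the public key is published) can be tracked per selector. The following is an added example, not code from the thread or from any DKIM implementation; the eight-day grace period comes from Steve's post, while the two-day "overdue" slack, the selector names and the domain `example.com` are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from enum import Enum
from typing import Optional

# Grace period taken from the thread: the public key stays in DNS for eight
# days after signing with the private key stops, then it is removed.
GRACE_PERIOD = timedelta(days=8)

# Assumed slack (not from the thread) before a still-published key is flagged.
OVERDUE_SLACK = timedelta(days=2)


class KeyState(Enum):
    SIGNING = "signing"    # private key in use; public key must stay published
    GRACE = "grace"        # private key withdrawn; public key kept so in-flight mail still verifies
    REMOVE = "remove"      # grace elapsed; delete the TXT record now
    OVERDUE = "overdue"    # still published well past grace; the private key is still a target
    RETIRED = "retired"    # public key already gone; the old private key no longer matters


@dataclass
class Selector:
    name: str                         # DKIM selector, e.g. "s2010q3" (constructed)
    domain: str
    last_signed: Optional[datetime]   # when signing stopped; None while still signing
    published: bool                   # whether <name>._domainkey.<domain> is still in DNS

    def dns_name(self) -> str:
        # Record name a verifier queries, per the DKIM selector convention.
        return f"{self.name}._domainkey.{self.domain}"


def classify(sel: Selector, now: datetime, grace: timedelta = GRACE_PERIOD) -> KeyState:
    """Place a selector in its lifecycle state relative to `now`."""
    if sel.last_signed is None:
        return KeyState.SIGNING
    if not sel.published:
        return KeyState.RETIRED
    elapsed = now - sel.last_signed
    if elapsed < grace:
        return KeyState.GRACE
    if elapsed > grace + OVERDUE_SLACK:
        return KeyState.OVERDUE
    return KeyState.REMOVE


def rotation_actions(selectors, now: datetime, grace: timedelta = GRACE_PERIOD) -> dict:
    """Map each DNS record name to the operator action its state implies."""
    actions = {
        KeyState.SIGNING: "keep",
        KeyState.GRACE: "keep",
        KeyState.REMOVE: "delete",
        KeyState.OVERDUE: "delete (overdue)",
        KeyState.RETIRED: "none",
    }
    return {s.dns_name(): actions[classify(s, now, grace)] for s in selectors}


def grace_covers_transit(grace: timedelta, max_transit_days: float) -> bool:
    """The grace period must exceed the longest time a signed message may spend
    in transit; otherwise legitimate mail fails verification once the record is gone."""
    return grace > timedelta(days=max_transit_days)


# Constructed sample: a domain in mid-rotation on the day of the thread.
NOW = datetime(2010, 9, 9, 11, 12, tzinfo=timezone.utc)
SAMPLE = [
    Selector("s2010q3", "example.com", None, True),                       # current signing key
    Selector("s2010q2", "example.com", NOW - timedelta(days=3), True),    # inside the 8-day grace
    Selector("s2010q1", "example.com", NOW - timedelta(days=9), True),    # grace elapsed, delete
    Selector("s2009q4", "example.com", NOW - timedelta(days=30), True),   # left published far too long
    Selector("s2009q3", "example.com", NOW - timedelta(days=60), False),  # already removed
]

if __name__ == "__main__":
    for name, action in rotation_actions(SAMPLE, NOW).items():
        print(f"{name}: {action}")
```

Running the script lists one action per selector record; the "overdue" entry is the case the thread warns about, a public key that outlived its grace period and keeps the corresponding private key worth stealing. The `grace_covers_transit` check captures the other side of the trade-off: shortening the grace period below the longest realistic delivery delay breaks verification of legitimate mail.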
