>> And why pull the public one if you do?
>
>That's how you invalidate the old key, mitigating the stolen key problem.
>The point of cycling keys is to invalidate old ones.

Also, by design, DKIM is intended for validating mail in transit, not
long term archives.  For that we have S/MIME and PGP.

R's,
John


_______________________________________________
mailop mailing list
[email protected]
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Reply via email to