Re: [exim] DKIM and DomainKeys

Top Pagina
Deze boodschap maakt deel uit van devolgende draad:
M----\de volledige draad-boom gesorteerd op datum
M+++\MTom Kistner op <-
MMMMMM 
Delete this message
Reply to this message
Auteur: Michael Deutschmann
Datum:  
Aan: exim-users
Onderwerp: Re: [exim] DKIM and DomainKeys
On Tue, 30 Jun 2009, Tom Kistner wrote:
> Domainkeys support has been dropped. I don't really feel like bringing
> it back, since I now consider it to be a dead proprietary technology.

I wouldn't call DK completely obsolete just yet.

DKIM is in two parts, both of which are necessary to replace the role of
DK. The first part, the procedure to detect bogus signatures, is
complete. But the second part, the procedure to detect *missing*
signatures, isn't.

So, I'd still want to double sign my messages -- with DK to allow people
to discard unsigned forgeries, and with DKIM merely to test the first
half of the new protocol.


Also, DKIM provides for signatures other than the domain of the From:
address. While such signatures are not needed when using DKIM as a
replacement for DK, they may well have a use in the future. If so, Exim
might be called upon to add two or more DKIM signatures at once to a
message.

So your library should be flexible enough to handle two DKIM signatures.
If it is, then it shouldn't be to hard to extend it to handle one DKIM and
one DK signature -- since DK is just DKIM with a slightly different header
format.

---- Michael Deutschmann <michael@???>


Deze boodschap werd naar devolgende mailinglijsten gestuurd:
Exim-users
Mailing Lijst Info | Nabije Berichten		<-[exim] Multiple To: headers pass verify = header_syntax(?)[exim] Exim .forward with Maildir->
Tahini and Hummus and Cumin Development Archives beheerd door cumin AdminsLurker (versie 2.3)