On Fri, Apr 11, 2025 at 6:02 PM John Levine <jo...@taugh.com> wrote:
> According to Richard Clayton <rich...@highwayman.com>: > >-----BEGIN PGP SIGNED MESSAGE----- > >Hash: SHA1 > > > >In message <20250411205917.169acc3d1...@ary.qy>, John Levine > ><jo...@taugh.com> writes > > > >>It appears that Richard Clayton <rich...@highwayman.com> said: > >>>>> > +------------+-------------------------------------------------+ > >>>>> | ds= | Signing key identifier (domain & selector) > | > >>>> > >>If you combine them into one field how do you tell what's the selector > and > >>what's > >>the domain? My DKIM setup uses selectors like 670e67f41a6d.k2504 so you > can't > >>just > >>pick off the label before the first dot. > > > >You could use a separator character which was not permitted to occur in > >domain names ... I expect @ might confuse people :-) as would, from the > >positioning, underline, but colon might be suitable... > > Hey, how about using this separator: ; d= > > I think the answer to why d= and s= are different is "so you can tell > what's the > selector and what's the domain." > > RFC 6376 says that selectors are sequences of LDH strings separated by > dots, i.e. > hostnames. But I have seen people try to put underscores in selectors > which > is wrong but I would prefer not to punish them for that more than > necessary. > > +1 for keeping "d=" and "s=" separate. -Wei
_______________________________________________ Ietf-dkim mailing list -- ietf-dkim@ietf.org To unsubscribe send an email to ietf-dkim-le...@ietf.org
