Analyze approach in iSchedule via DKIM
Opened this issue · 0 comments
msporny commented
Cyrus Daboo said that the HTTP Signatures spec is like the approach taken for iSchedule. We should do an analysis on DKIM to outline why that solution isn't appropriate for HTTP-based signatures.
Namely, we may want to state that domain-based keys are not the point, we want agent-based keys. That said, we may be able to re-use the signing portions of DKIM in the HTTP Signatures spec.