----- Original Message -----
From: "Hallam-Baker, Phillip" <pbaker(_at_)verisign(_dot_)com>
If DKIM deploys then DNSSEC will be pulled along in its wake
which in turn will drag deployment of the extension mechanism.
Making deployment of the extension mechanism a necessary
deployment condition creates a cycle of ungranted requests,
in other words a deadlock.
Just so I can better understand you, overall, due to the unreliability of
proper operations in a wide, generalized DNS server network, you do not
support the introduction of a new RR for DKIM. Would that be correct?
Also, if it was done, I guess there it would require there be a migration
concept and thus we would have two records; a RR and TXT record. Thus, from
a client (DKIM implementation) standpoint, it would behave in a try RR
First, fallback to TXT second concept. Right? If so, would you consider
this to be too much overhead, making it impractical to expect clients to
operate in this mode?
Hector Santos, Santronics Software, Inc.
NOTE WELL: This list operates according to