On Mar 24, 2008, at 10:30 PM, Jim Fenton wrote:
The current utility is that, while extensions can be added any time,
constraints need to be added up front.
Okay, I'll bite. Why is this a good idea? By way of contrast, when an
A RR is added to a DNS zone saying what address to use, no constraint
is placed on the sorts of connections that can be made to that
address. When an MX is added to a DNS, nothing is said about using it
or not using it for purposes other than finding a mail server (they
are of course used for anti-spam checking amongst other things).
So I sort of struggle over why we would want to try and constrain the
use of a DKIM RR, particularly when we rely on the good graces of a
verifier to enforce that constraint and whether they do so or not is
entirely unknown to the DKIM RR publisher.
NOTE WELL: This list operates according to