At 13:04 15-10-10, Hector Santos wrote:
You can tell me if I am wrong here cause I am trying to make sure I
It is not up to me to determine whether you are wrong. :-)
1) Verifier TXT record parsing
I checked for this, but did not find it, but was a quick scan.
If the DKIM specs says that verifiers MUST be ready for different TXT
records merged in the DNS Query response, it MUST parse for the string
If this is the case, then I don't think we need to add anything. Its
That tag isn't always included in the DNS record for backward
compatibility with DomainKeys. And it is optional. As you are doing
a query for a TXT RR, expect garbage.
However, in my personal engineering opinion, it probably should add a
note for verifiers to be ready for multiple string responses.
From RFC 3833:
Much discussion has taken place over whether and how to provide data
integrity and data origin authentication for "wildcard" DNS names.
Conceptually, RRs with wildcard names are patterns for synthesizing
RRs on the fly according to the matching rules described in section
4.3.2 of RFC 1034. While the rules that control the behavior of
wildcard names have a few quirks that can make them a trap for the
unwary zone administrator, it's clear that a number of sites make
heavy use of wildcard RRs, particularly wildcard MX RRs.
NOTE WELL: This list operates according to