On Friday 27 August 2004 10:05 am, william(at)elan.net wrote:
On Fri, 27 Aug 2004, David Blacka wrote:
What you are seeing is that prefixes (or subdomains, whatever) are a bad
choice for *solely* dealing with scoping and identity separation.
Basicly I'm saying that we can not rely on using prefixes for scoping
separation unless we're certain that no wildcard records would exist
(which is probably an impossible assumption) or otherwise we have a
problem with different scoping records that use wildcards and we can not
distinguish between. And since we can not achieve scoping by using
prefix/subdomain system on its own, we have to include scoping identifier
in the data part. But then we might as well just rely on the data part and
create appropriate and extendeable scoping system there.
The motivation for using prefixes was (I thought) to ameliorate the response
size issue when Sender-ID is deployed alongside SPFv1 (or other unrelated TXT
records). Which it appears to do in all cases except the use of wildcards.
The fact the the prefix technique does not work in all cases does not make it
useless in my mind.
So I agree with your statement except for the last sentence.
David Blacka <davidb(_at_)verisignlabs(_dot_)com>
Sr. Engineer VeriSign Applied Research