A small, interesting difference between SPF and DKIM is in the DNS
query. In SPF, the query is to the specific domain (typically from MAIL
FROM), e.g. cs.biu.ac.il (for me). In DKIM, the query is to
_domainkey.cs.biu.ac.il. Both SPF and DKIM plan to role out their own
DNS record but for the time being will mostly use the TXT record.
I think there are reasons for each choice, and would appreciate feedback
as to whether these are the real and only reasons.
The benefit to the DKIM design is that it avoids overloading the `main`
TXT record for the domain, e.g. cs.biu.ac.il. Namely, if this domain
wanted to use both DKIM and SPF (and maybe other TXT records for other
purposes), then it may end up with too many TXT records returned to the
query for the domain (cs.biu.ac.il) and the `right` record may not reach
the requestor. Right?
The benefit to the SPF design is that it allows placing of the record
higher up in the DNS tree. Namely, by _not_ including a TXT record for
cs.biu.ac.il, a query may bring the TXT record for biu.ac.il; so if
entire BIU wants to have a single SPF record at biu.ac.il, this is
easier. Right?
Are there additional (more important?) motivations? Are there specific
reasons that one design was adopted with SPF and a different one with DKIM?
I will welcome responses directly to me (instead of or in addition to
the list).
Thanks, Amir Herzberg
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html