ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] dkim-base: _domainkey vs _dkim

2006-04-26 12:48:46

----- Original Message -----
From: "Michael Thomas" <mike(_at_)mtcc(_dot_)com>
To: "Hector Santos" <hsantos(_at_)santronics(_dot_)com>

Hector Santos wrote:

The document refers to both _domainkey vs. _dkim subdomains to
DNS DKIM records:

How is this going to be handled?  Most testing domains are
using _domainkey or is _dkim targeted for a binary RR?

This is just a typo. A.3 should be _domainkey as well.

I figured as much and this is probably a good idea to clean that up.

Does this related any way  to section 3.6.2.2 and a normative reference to a
future document?

| 3.6.2.2  Resource Record Types for Key Storage
|
|    [[This section needs to be fleshed out.  ACTUALLY:  will be addressed
|    in another document.]]
|
|    Two RR types are used:  DKK and TXT.
|
|    The DKK RR is expected to be a non-text, binary representation
|    intended to allow the largest possible keys to be represented and
|    transmitted in a UDP DNS packet.  Details of this RR are described in
|    [ID-DKIM-RR].
|
|   TXT records are encoded as described in Section 3.6.1.
|
|  Verifiers SHOULD search for a DKK RR first, if possible, followed by
|  a TXT RR.  If the verifier is unable to search for a DKK RR or a DKK
|  RR is not found, the verifier MUST search for a TXT RR.

| 9.1  Normative References
|
|    [ID-DKIM-RR]
|               "DKIM Key Resource Records (To be written)",
|               draft-dkim-dkk-rr-xx (work in progress), 2005.


I could be wrong, but I thought the "plan" was to use _domainkey to offer
some level of backward capability with Yahoo's Domainkey TXT lookup, and
when an official RR type number for DKIM is assigned called DKK and we can
then switch to subdomain _dkim for DKIM binary RR lookups. At which point,
the semantics of section 3.6.2.2 kicks in.

   DKK RR Lookup  <selector>._dkim.<domain>
   if fail:
      TXT RR Lookup  <selector>._domainkey.<domain>

I'm fine either way.

--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com



_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html