ietf-dkim

Re: [ietf-dkim] Today's jabber

2006-05-18 12:23:10

On May 18, 2006, at 10:38 AM, Mark Delany wrote:

OLD:    TXT records are encoded as described in Section 3.6.1.

One of the big questions asked in that draft relates to the relationship between TXT and DKK semantics. Which one is authoritative and which one is a mirror? Or should base be authoritative and both the TXT and DKK simply be particular representations?

There could be two drafts, one for the TXT RR and the other for DKK RR. If presented at the same time as the base-draft, these two drafts might also be merged. It seems the base draft will need to resolve these issues in tandem anyway.


I guess by way of example: the MX RR only defines the contents and not the semantics, so perhaps DKK and TXT should do similarly, with the semantics defined in the base?

One reason for reviewing these two records together would be concerns regarding an algorithm transition. The manner in which the algorithm is represented within the key could be problematic. If this representation is different than the manner used on the TXT record, then offering fictitious signatures claiming a new, but fictitious, algorithm not supported by the verifier would be an easy exploit owing to an inability to confirm what the sender is offering. The verifier would accept the deprecated signature in the belief the sender offered a non-deprecated signature together with the deprecated, but that it is using an algorithm unknown to the verifier.

-Doug

_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
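
The algorithm-transition concern in the message above, modelled as an added example that is not part of the original post or of any DKIM draft: a verifier that trusts a message's own claim of a newer algorithm, next to one that confirms the claim against the sender's published key data. The algorithm names, the `published_algs` field and the acceptance policy are assumptions made for illustration.

```python
# Added illustration: algorithm names and data layout are constructed, not DKIM syntax.
SUPPORTED = {"alg-old", "alg-mid"}   # algorithms this verifier can check
DEPRECATED = {"alg-old"}             # still checkable, no longer trusted alone


def _classify(signatures):
    """Split signatures into (strong_ok, deprecated_ok, unknown_algs).

    Each signature is a dict {"alg": str, "valid": bool}; "valid" stands in
    for the cryptographic check and is ignored for unsupported algorithms,
    because the verifier has no way to evaluate them.
    """
    strong_ok = deprecated_ok = False
    unknown = set()
    for sig in signatures:
        alg = sig["alg"]
        if alg not in SUPPORTED:
            unknown.add(alg)
        elif sig["valid"] and alg in DEPRECATED:
            deprecated_ok = True
        elif sig["valid"]:
            strong_ok = True
    return strong_ok, deprecated_ok, unknown


def naive_accept(signatures):
    """Trust the message's own claim that a newer algorithm was offered."""
    strong_ok, deprecated_ok, unknown = _classify(signatures)
    return strong_ok or (deprecated_ok and bool(unknown))


def checked_accept(signatures, published_algs):
    """Accept the deprecated fallback only if the sender's key data confirms
    that it really offers the algorithm this verifier cannot check.

    published_algs: algorithm names read from the sender's key record(s),
    assumed to use the same naming as the signature (hypothetical field).
    This covers only the fictitious-algorithm claim, not other downgrades.
    """
    strong_ok, deprecated_ok, unknown = _classify(signatures)
    confirmed = unknown & set(published_algs)
    return strong_ok or (deprecated_ok and bool(confirmed))


# Constructed inputs: a passing deprecated signature plus an uncheckable claim.
FORGED = [{"alg": "alg-old", "valid": True}, {"alg": "alg-fictitious", "valid": False}]
TRANSITION = [{"alg": "alg-old", "valid": True}, {"alg": "alg-new", "valid": False}]
```
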