[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of J.D. Falk
On 2006-09-06 10:45, Hallam-Baker, Phillip wrote:
The main value I see in user level policy is easing phased
deployment.
If you are a bank with 100,000 employees with email and you want to
deploy DKIM you probably want some form of hook that lets
you do it in
stages.
So they'll have 100,000 SSP records?
Perhaps there's an easier, more flexible, more scalable
hook...like "we don't sign all mail."
We don't sign all mail is utterly useless as a policy record. There are only
two usefull policy positions ALWAYS SIGN and MIGHT SIGN. There is no value in
distinguishing MIGHT SIGN and NEVER SIGN.
Since you can wildcard the most common case one would need 50,000 SSP records
at most. It is likely that they would be generated automatically as individual
mail servers were configured to use DKIM.
BITs are cheap. I see no problem in deploying 100,000 DKIM records in such a
situation.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html