ietf-dkim
[Top] [All Lists]

Re: tree walking (was - Re: [ietf-dkim] user level ssp)

2006-09-07 09:31:44
Hallam-Baker, Phillip wrote:
The tree walking is definitely a liability to be discarded.

Once tree walking is discarded however we have made an incompatible change 
and we should therefore address the other issues. In particular the use of 
punctuation syntax which is needlessly opaque and error-prone.
  
I, for one, am not concerned with compatibility of changes for SSP
because I don't know of any significant deployed base for signing policy
in DomainKeys.

draft-allman-dkim-ssp-02 has already gotten rid of the punctuation
syntax.  Let me know what you think.
Even with a custom RR it will be necessary to have a macro processor to 
generate wildcard records for existing nodes.
  
The limited (1-level) upward search in draft-allman-dkim-ssp-02 is an
attempt to relieve the need to publish SSP records to accompany all (for
example) A records in a domain.  I don't particularly like having to
search up even one level, but this seemed like a reasonable tradeoff to me.
Use of custom RRs will not work with the Windows 2003 DNS server at an 
acceptable level. The server can be coaxed to emit the data but it is not 
possible to enter it using the standard administration interface and the 
server does not save the custom RR data.
  
That's one data point; I don't know what the deployment share of various
DNS servers is but hopefully that information is available somewhere. 
We also need to consider the consequences of not being able to publish
SSP records; it doesn't prevent DKIM deployment, but provides a little
less information to verifiers.

-Jim
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>