In article <4553F9CA(_dot_)9080705(_at_)cisco(_dot_)com> you write:
In the process of preparing my slides for the recent WG meeting, it
occurred to me that there is no requirement in the SSP requirements doc
for SSP to apply to subdomains of a given domain.
We have definitely discussed this in the past, and as I recall there
was general agreement that it would be a good idea.
Unfortunately, it's not clear that there is any reasonable way to
implement it. Wildcards don't work unless SSP has its own record type
and even then there's zone bloat issues, zone cuts aren't reliably
discoverable and aren't supposed to be semantically important to DNS
clients, and tree walks have all sorts of performance and DOS issues.
I'm not proposing that we try to sort this out now, but if it's really
a requirement that a policy record cover a domain's subdomains, we may
need to consider other approaches than publishing records in the
normal DNS tree.
R's,
John
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html