[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Cullen
Jennings
On Nov 14, 2006, at 11:03 AM, Paul Hoffman wrote:
At 4:17 PM +0100 11/14/06, Joe Abley wrote:
For the benefit of those who do not follow dnsext closely, what
friction do you expect?
As Eric stated in his message, we should not rehash old arguments.
This has been beaten to death on the DKIM WG mailing list. As
expected, different people had different (and, in this case,
strongly-held) views, but consensus was reached and agreed
to by the
AD and with the DNS folks.
To avoid repeating this debate, can someone post some summary
information on this particularly including which exact people
came to consensus about this. I'm particularly interested in
if the consensus included the contributors to
draft-iab-dns-choices since that has been raised in LC comments.
Choices sets out four possibilities for extending the use of the DNS and sets
out pros and cons for each.
The DKIM group has taken account of this information and has noted that since
key records do not require wildcard capability the third option of prefix
records is most appropriate since they provide all the functionality required
and are compatible with the DNS infrastructure as deployed.
The use of a new DNS RR is being considered for policy records which do require
wildcard capability.
It is somewhat unfortunate that the choices draft does not take a more
realistic approach to deployment constraints. This has been raised on numerous
occasions but the fact is that the best information we have available is the
information presented during the MARID working group which indicated that at
the time only 50% of the deployed DNS infrastructure does in fact support new
RRs in a production mode (i.e. you can add the RR using the standard admin tool
and the configuration will survive a reboot). Things may have changed since but
the onus should be on those who claim the situation has changed to prove it.
In terms of consensus I don't think anyone would challenge the claim 'DKIM key
records do not require prefixes'.
I believe that there is also universal consensus amongst those who have read
choices and DKIM that the limitations of prefix records set out in the draft do
not apply.
The only points on which there is disagreement are the question of the extent
to which the deployed DNS infrastructure really supports new RRs and whether
this would be a significant handicap in the case of DKIM deployment.
The first point is an empirical one, the second is subjective. We agree to
disagree.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html