ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] New Issue: Applicability of SSP to subdomains

2006-12-07 23:46:53
william(at)elan.net wrote:

On Thu, 7 Dec 2006, Jim Fenton wrote:

I'm really confused by your reply. The question is simply, "should it be possible for an SSP record published by example.com to also apply to sub.example.com [for any value of sub]".

Its not quite that simple, the issue is really should you go out of
your way to solve issue which is more fundamental due to missing
feature in current DNS protocol and its wildcards (especially if
that involves complicating with extra queries...). My view is
somewhat similar to Phillip - I think this issue should be worked
on in general, but I don't think it should be done in the context
of this WG (i.e. not part of your protocol specs).

Good point, but in lieu of industry wide support for wild cards, we do have the fallback logic of doing direct lookups.

Yes, absolutely, not ideal and probably can create more redundant DNS query faults on the net than we really care for, but we do need the general idea worked out as you elude to above.

To me, the question is valid:

Does my received do a lookup order of:

     D.C.B.A
     C.B.A
     B.A
     A

or just start at the BASE first?

I think the answer lies on the application side: Should DKIM/SSP offer domains the ability to have two or more policies with the same base domain?

Example:

   public.santronics.com    - a more relaxed option policy
   santronics.com           - exclusive policy


---
HLS

_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html