Steve,
Could you expand on this somewhat?
We may be able to push the beastly wildcard issue into touch altogether here.
What is the deployed base for MX . ? How widely is it recognized? Used?
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Steve Atkins
Sent: Saturday, June 02, 2007 6:51 PM
To: Untitled WG
Subject: Re: [ietf-dkim] TXT wildcards SSP issues
(wildly off-topic content follows. Hit 'N' now.)
On Jun 2, 2007, at 3:34 PM, John Levine wrote:
But... if the only problem is wildcard records, and only a small
number of senders are going to want to use wildcards with SSP then
the obvious engineering solution is to have those small numbers of
senders upgrade their DNS infrastructure, rather than wait for the
far larger number of potential recipients to upgrade their
infrastructure.
The problem is that you've just spec'ed SSP to use a protocol that is
not DNS. It's fairly similar to DNS, but it's not DNS. I can't
imagine the IESG accepting that in a standards track document.
No, it's perfectly compliant DNS. Really, it is.
It's not bind, though, and there's a fairly common fallacy at
IESG, amongst other places, that DNS is "what bind does"
rather than vice-versa. So, yeah, you're right about the
standards document issue (were it me, I'd just spec TXT
records and not mention wildcards at all).
I have a dns server that'll do internal wildcard records
today (as do you, IIRC). The information it uses to do that
will not transfer correctly over AXFR - but who, other than
some subset of bind users, uses AXFR to maintain their
secondaries, anyway? :)
The question of wildcards internal to names has been around for years.
Everyone except extreme DNS fundamentalists agrees that they would be
very useful, but they haven't converged on a workable design and we're
unlikely to do it here.
I think I'm a DNS fundamentalist, and I think it's a fine idea.
And, from what I'm hearing, those who are motivated to use SSP at all
are mostly senders.
Personally, the part of SSP that I would find useful is "I send no
mail". I get mountains of blowback from spam sent with addresses
subdomains of mine, starting with misscraped message IDs with host
names on the right side, now mutated into various sorts of dictionary
attacks. I'd want to tell people that it's all bogus.
How is "MX ." working out for you? Not a rhetorical question - it's
likely the closest we have to a standard for "I don't send email"
today, and is more likely (IMO) to be used by recipients than SSP, so
it's an interesting bit of data.
Cheers,
Steve
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html