ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Jim's issues - one more try

2007-06-11 22:10:55
Just for the record:

Stephen Farrell wrote:
(1) Use of XPTR records for SSP.  The idea here is to create a more
general policy mechanism that can be used by WS-* and such.  There
were about 20 messages discussing this from 5 people.  I'm not reading
a clear consensus on this.

   Issue#1: +1 - include use of XPTR as part of ssp-00
   Issue#1: -1 - exclude use of XPTR from ssp-00

-1

Rationale: XPTR is mostly for making the SSP mechanism more extensible
for expressing other sorts of policy.  It requires an additional lookup,
the other things it deals with are outside the scope of DKIM, and this
issue of general policy and extensibility is better dealt with by the
DNSEXT working group.


(2) SSP record type (TXT vs. something new). Only 4 messages in
discussion, mostly saying "if you support TXT, don't bother with
anything else."  Again, no clear consensus.

   Issue#2: +1 - Define how to use a TXT RR for SSP policies (with or
                 without something else)
   Issue#2: -1 - Don't use TXT at all, only use new RRs for SSP

0

Rationale:  I think that using a new RR is the right thing to do, but I
don't know all of the deployment issues.

(3) Upward query vs. wildcard publication.  27 messages in discussion
from 15 people.  Most of the discussion was a rehash of the idea of
associating semantics with DNS zone-cuts, which we had already
discussed and rejected.  I have also been trying to get an opinion
from DNSOP on the idea of a one-level upward search (which I think
solves 90% of the problem), but haven't gotten any response.

   Issue#3: +1 - Define an upward query based approach to finding SSP
                 statements
   Issue#3: -1 - Define a wildcard based approach to finding SSP
                 statemetns

+1

Rationale:  Required to support TXT RR (what I think is what we'll end
up with).  Even with a new RR, it avoids the need to publish an
additional new-RR record to go with every other label in the zone to
deal with the characteristics of DNS wildcarding.

-Jim
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html