ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] Review of DKIM Sender Signing Practices (draft-ietf-dkim-ssp-01)

2007-12-04 09:53:53
from [Michael Thomas] [Permanent Link] 
Dave Crocker wrote:


3.  Scope and scale of query traffic

SSP originally was constrained to apply only to unsigned mail.  The current
specification applies to unsigned messages *and* signed messages where the
DKIM i= domain name does not match the rfc2822.From <addr-spec> domain. This 
is a considerable change in the nature -- and potentially a considerable
change in the amount of query traffic -- that SSP causes.


  This has not changed in years. Maybe you've just become aware of it.
  And the problem here remains with unsigned traffic. Third party
  signatures are very rare beasts.
The draft does note that initial receive-side adopters of SSP will find no SSP DNS record. However the draft does not address the adoption and use impact of being expected to make a query that will almost always fail for a significant 
number of years into the future.


  There is a trivial mechanism that can cut down SSP lookups to almost
  nothing: don't query domains from which you've never received a valid
  DKIM signature.

                Mike
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] Review of DKIM Sender Signing Practices (draft-ietf-dkim-ssp-01), Douglas Otis
Next by Date:  Re: [ietf-dkim] Review of DKIM Sender Signing Practices (draft-ietf-dkim-ssp-01), Michael Thomas
Previous by Thread:  Re: [ietf-dkim] Review of DKIM Sender Signing Practices (draft-ietf-dkim-ssp-01), Douglas Otis
Next by Thread:  Re: [ietf-dkim] Review of DKIM Sender Signing Practices (draft-ietf-dkim-ssp-01), John Levine
Indexes:  [Date] [Thread] [Top] [All Lists]