ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] New Issue: protecting a domain name vs. protecting a domain tree

2008-04-08 14:37:25


Dave Crocker wrote:


Stephen Farrell wrote:
One interpretation of this point is that the presence of a DNS entry 
(that is, a 'failure' to get an NXDomain) might be meaningful, but 
the scope of its meaning is much broader than ADSP.  

I'm not following that. Can you give an example? Even if its partly
speculative, it'd help me understand your point. (And in this case,
I guess speculation as to future uses of DNS might be valid, since
the current absence of entries is what we're proposing to use.)


DKIM and ADSP fit into a larger framework of filtering activities.  I 
hope there is nothing controversial about that assertion.

It means that there are many analyses and tests that are outside the 
scope of DKIM (and ADSP).

Some filtering engines query for an NXDOMAIN today, independent of DKIM 
or ADSP.

That's a pretty clear indication that its meaning and utility are not 
tied to ADSP.

All that seems clear. I guess however, it still doesn't help me
with (an example of) why ADSP making a query and reacting to an
NXDOMAIN response as currently spec'd may be problematic.

I think the logic for the WG not wanting ADSP to be able to
expliticly state "no mail" was correct, but that this case seems
different, hence the request for an example.

S.
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html