ietf-dkim

Re: [ietf-dkim] protecting domains that don't exist

2008-04-16 00:14:49
> Now, I have no idea what limits were placed on this capability by provisioning
> systems. What I do know is that several customers used this feature to create
> very large numbers of subdomains. (I know this because this particular usage
> exposed several bugs.)
>
> Another thing that's surprisingly common is for sites to have very large
> numbers of explicitly configured domains and subdomains - like on the order of
> tens of thousands.

Gee, some actual real life experience -- how refreshing!

Let's assume for the purposes of argument that such a site wants to use 
DKIM and ADSP.  Presumably there's some set of tools to manage the DNS for 
the umpteen thousand subdomains.

Hypothesis A: They'll update the tools to create matching ADSP and perhaps 
DKIM key records for the domains they use, so clients can just check the 
ADSP for whatever domain is on the From: line.

Hypothesis B: The tools can't do it, they'll only be able to stick in a 
few hand-crafted DKIM key and ADSP records for upper level domains, so 
ADSP clients checking lower level subdomains will have to look around the 
tree and find those records.

The current ADSP draft is written with an eye toward B, but it seems to me 
that A is at least as likely.  What does your experience suggest?

R's,
John
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
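
An added illustration of the two hypotheses in the message above; it is not part of the original post and not the ADSP draft's algorithm. It assumes the `_adsp._domainkey` record label later published in RFC 5617, a simplified one-label-at-a-time tree walk for Hypothesis B, and constructed `hosting.example` names.

```python
# Added example with constructed data; not code from the thread or the draft.
ADSP_PREFIX = "_adsp._domainkey"  # label as later published in RFC 5617

def provision_all(domains, policy="all"):
    """Hypothesis A: the DNS tooling emits one ADSP TXT record per domain in use."""
    return {f"{ADSP_PREFIX}.{d.lower()}": f"dkim={policy}" for d in domains}

def lookup_direct(zone, from_domain):
    """Verifier under A: one query for the exact From: domain, no searching."""
    name = f"{ADSP_PREFIX}.{from_domain.lower()}"
    return zone.get(name), [name]

def lookup_walk(zone, from_domain, stop_labels=2):
    """Verifier under B (assumed walk): strip one leading label per query until
    a record is found or only `stop_labels` labels remain. The fixed two-label
    stop is a simplification; real public suffixes vary in length."""
    labels = from_domain.lower().split(".")
    queried = []
    while len(labels) >= stop_labels:
        name = f"{ADSP_PREFIX}.{'.'.join(labels)}"
        queried.append(name)
        if name in zone:
            return zone[name], queried
        labels = labels[1:]
    return None, queried

# Constructed zones: A has a record per configured name, B one hand-made record.
ZONE_A = provision_all(["cust1.hosting.example", "a.b.cust1.hosting.example"])
ZONE_B = {f"{ADSP_PREFIX}.hosting.example": "dkim=all"}

if __name__ == "__main__":
    for dom in ("a.b.cust1.hosting.example", "typo.cust1.hosting.example"):
        pol_a, q_a = lookup_direct(ZONE_A, dom)
        pol_b, q_b = lookup_walk(ZONE_B, dom)
        print(f"{dom}: A -> {pol_a} ({len(q_a)} query), "
              f"B -> {pol_b} ({len(q_b)} queries)")
```

Under A a name that was never provisioned (`typo.cust1.hosting.example`) returns no policy from a single query, while the assumed walk under B finds the upper-level record at the cost of one query per label stripped.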
