On Apr 30, 2008, at 3:01 PM, Arvel Hathcock wrote:
This is where we are at present on the NXDOMAIN issue I believe
but others might have a different view.
That's my impression, as well.
What's the path towards settling this?
I propose that the side advocating maintaining the NXDOMAIN check as
an actual algorithmic step agree to remove this from the algorithm
description in favor of placement somewhere else.
NXDOMAIN would remain a problem regardless where in the specification
it is placed. : (
I propose that the side advocating removal of the NXDOMAIN check
agree to language which makes this step AT LEAST a SHOULD and
preferably a MUST.
How about:
Recipients SHOULD check for the existence of SMTP discovery records,
to confirm absence of ADSP.
ADSP MUST provide recipient value from their checks.
This is a completely reasonable and sensible way to close the issue
IMO.
We are down to the bare-bones of what many of us are able to accept
with regard to further fundamental changes.
ADSP should declare protection for messages publicly exchanged over
SMTP, instead of all public exchange protocols that might employ DKIM
at some point in the future. The specification has failed to trim
itself in a few important areas. ADSP should be limited to positive
existence checks, and specific public exchange transports.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html