Stephen Farrell wrote:
Should we keep or remove text below?
(from 4.2.2 of draft-ietf-dkim-ssp-03, but please be sure you
check the context before expressing an opinion)
3. _Try Parent Domain._ The host MUST query DNS for a TXT record for
the immediate parent domain, prefixed with "_asp._domainkey." If
the result of this query is anything other than a "NOERROR"
response with a valid ASP record, the algorithm terminates with a
result indicating that no ASP record was present. If the ASP "t"
tag exists in the response and any of the flags is "s"
(indicating it does not apply to a subdomain), the algorithm also
terminates without finding an ASP record. Otherwise, use that
record.
Remove.
It does not enhance security.
It invents new DNS semantics and works poorly.
It is strictly for the administrative convenience of a minority of domain
owners.
It adds permanent overhead to the protocol but will rarely provide any benefit.
d/
ps. As Steve Atkins noted, it also does not work properly.
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html