On Thu, 22 May 2008 18:21:56 +0100, Steve Atkins <steve(_at_)blighty(_dot_)com>
wrote:
The reason for the existence check is simply to make it possible
for an ADSP user to specify consistent policy across all their
space in the DNS tree. A simple check for NXDOMAIN is
sufficient to fill that need. Any semantics beyond that are moving
beyond the reason that the check is needed.
Or, to put it another way, the site that created the ADSP record has some
"expectations" that verifiers will thereby catch assorted misuses of his
domain(s). In order to fulfil the record owner's "expectations" it is
NECESSARY for the verifier to check for the existence of the domain, and
therefore our document MUST explain that necessity. It might well add,
parenthetically, that even if recipients are not trying to verify DKIM
signatures, it is still a sensible/useful check to perform.
Whether the document uses normative language (MUST/SHOULD) to described
what verifiers are expected to do is orthogonal to what it says about how
to do it properly.
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Web: http://www.cs.man.ac.uk/~chl
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html