[ietf-dkim] requirement for one ADSP record per DNS entry makes ADSP und


In order for ADSP to be of use, it must be easily deployable by 
enterprises and service providers.  Otherwise, there is no point in 
bothering to check for answers.  The absence of a parent label check 
will mean that enterprises must list an ADSP record for each and every 
DNS entry they have.  It is not unusual for enterprises to have tens of 
thousands of DNS entries.  The vast majority of enterprises make use of 
provisioning systems that takes years to update and deploy.  ADSP 
deployment is now dependent on those implementations.  Because of that 
ADSP adoption can be expected to lag dramatically behind DKIM.  The 
result will be that recipient sites will infer policy by the existence 
of records and hence implicitly implement a strict test.

Hence as things stand I expect ADSP to never be deployed, and I request 
active consideration of the provisioning systems in use.

Eliot
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:

Re: [ietf-dkim] why we should clearly specify domain existence, Frank Ellermann

Next by Date:

[ietf-dkim] NEW ISSUE Re: requirement for one ADSP record per DNS entry makes ADSP undeployable, Eliot Lear

Previous by Thread:

[ietf-dkim] why we should clearly specify domain existence, Eliot Lear

Next by Thread:

[ietf-dkim] NEW ISSUE Re: requirement for one ADSP record per DNS entry makes ADSP undeployable, Eliot Lear

Indexes:

[Date] [Thread] [Top] [All Lists]

[ietf-dkim] requirement for one ADSP record per DNS entry makes ADSP undeployable