ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] requirement for one ADSP record per DNS entry makes ADSP undeployable

2008-05-27 05:27:25
from [Eliot Lear] [Permanent Link] 
Frank Ellermann wrote:

Eliot Lear wrote:

  

an author domain administrator cannot adequately or easily express
the simple notion that only certain hosts are authorized to send
from a domain.  We have thus missed the mark on what we are doing.
    


IMO "we" (TINW) are *not* reinventing SPF (or PRA a.k.a. Sender ID).

The admin knows which domains are used for mail, in your example of
a non-trivial organization these domains have MX records.  Just add
_adsp._domainkey.example.com for each example.com with an MX record.


The problem is when there are hundreds or thousands of hosts beneath 
example.com.  How many commercial DNS management systems can handle that 
from a provisioning point of view?

Eliot
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] requirement for one ADSP record per DNS entry makes ADSP undeployable, Frank Ellermann
Next by Date:  Re: [ietf-dkim] why we should clearly specify domain existence, Frank Ellermann
Previous by Thread:  Re: [ietf-dkim] requirement for one ADSP record per DNS entry makes ADSP undeployable, Frank Ellermann
Next by Thread:  Re: [ietf-dkim] requirement for one ADSP record per DNS entry makes ADSP undeployable, Frank Ellermann
Indexes:  [Date] [Thread] [Top] [All Lists]