ietf-dkim

[ietf-dkim] Consensus check: Domain Existence Check

2008-05-29 02:49:53

There has been considerable debate in the past few weeks regarding the
need for a check for domain existence in ADSP.

I think we've had sufficient time for debating this; let's decide.
Please respond to this by Friday June 6th.

The text in question (from section 4.2.2 of draft-ietf-dkim-ssp-03)
is as follows:

   2.  _Verify Domain Exists._ The host MUST perform a DNS query for a
       record corresponding to the Author Domain (with no prefix).  The
       type of the query can be of any type, since this step is only to
       determine if the domain itself exists in DNS.  This query MAY be
       done in parallel with the query made in step 2.  If the result of
       this query is an "NXDOMAIN" error, the algorithm MUST terminate
       with an appropriate error.

          NON-NORMATIVE DISCUSSION: Any resource record type could be
          used for this query since the existence of a resource record
          of any type will prevent an "NXDOMAIN" error.  MX is a
          reasonable choice for this purpose is because this record type
          is thought to be the most common for likely domains, and will
          therefore result in a result which can be more readily cached
          than a negative result.

There are three options that have been actively discussed:

a. Keep.  Retain the current text as-is.

b. Modify, i.e. keep, but with a different set of records.  It was
suggested that the current NXDOMAIN is incorrect, and that MX, A, and
AAAA records for the domain should be queried, with the existence of
any of these records indicating a domain that is potentially used for
email. If we have consensus for this option, then we may well need a
subsequent poll to decide the details.

c. Remove.  Remove the text as being out of scope for the ADSP
specification.  Some text may need to be added pointing out the need for
a domain existence check elsewhere. If the consensus is for removal,
then we should consider what, if anything, the specification should
refer to for performing the domain existence check.

Please just answer "keep", "modify", or "remove" in this thread, and use
a different subject line for any discussion.

Thanks,
Stephen.




_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
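
The practical difference between options (a) and (b) above, as an added example that is not part of the original message or of the draft. A stub resolver over constructed zone data stands in for real DNS so the code runs offline; the function names and the `.example` domains are hypothetical.

```python
# Constructed zone data: name -> {rrtype: [rdata]}.
# A name missing from the table answers NXDOMAIN; a name present in the
# table answers NOERROR, with an empty answer if it lacks the queried type.
ZONE = {
    "mail.example":    {"MX": ["10 mx.mail.example."]},
    "web.example":     {"A": ["192.0.2.10"]},
    "v6.example":      {"AAAA": ["2001:db8::25"]},
    "txtonly.example": {"TXT": ["placeholder"]},  # exists, but no MX/A/AAAA
}

def query(name, rrtype):
    """Stub resolver returning (rcode, answers) from the constructed ZONE."""
    name = name.rstrip(".").lower()
    if name not in ZONE:
        return "NXDOMAIN", []
    return "NOERROR", ZONE[name].get(rrtype, [])

def exists_option_a(domain, rrtype="MX"):
    """Option (a): query any type; only an NXDOMAIN result terminates."""
    rcode, _answers = query(domain, rrtype)
    return rcode != "NXDOMAIN"

def exists_option_b(domain):
    """Option (b): the domain counts only if MX, A or AAAA data exists."""
    return any(query(domain, rrtype)[1] for rrtype in ("MX", "A", "AAAA"))

def compare(domains):
    """Map each Author Domain to its (option a, option b) outcome."""
    return {d: (exists_option_a(d), exists_option_b(d)) for d in domains}

if __name__ == "__main__":
    names = list(ZONE) + ["nonexistent.example"]
    for domain, (a, b) in compare(names).items():
        print(f"{domain:22} option_a={a!s:5} option_b={b}")
```

The two rules disagree only for a name such as `txtonly.example`, which exists in DNS but publishes none of the record types option (b) looks for.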