Dave Crocker wrote:
Modify ADSP Domain Existence procedure.
Use draft-levine-dkim-adsp-00, Section 4.3. ADSP Lookup Procedure as input to
discussions.
Per the Levine draft, this also entails addition of:
<section anchor="applicability" title="ADSP Applicability">
<t> ADSP as defined in this document is bound to DNS. For this reason,
ADSP is applicable only to Author Domains with appropriate DNS
records (see Note below). The handling of other Author Domains is
outside the scope of this document. However, attackers may use such
domain names in a deliberate attempt to sidestep an organization's
ADSP policy statements. It is up to the ADSP verifier implementation
to return an appropriate error result for Author Domains outside the
scope of ADSP. <list style="hanging">
<t hangText="Note: "> The results from DNS queries that are
intended to validate a domain name unavoidably approximate
the set of Author Domains that can appear in legitimate email.
For example, a DNS A record could belong to a device that does
not even have an email implementation. It is up to the verifier
to decide what degree of approximation is acceptable.</t>
to the Section 3. Operation Overview.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html