Jeff Macdonald wrote:
On Mon, Feb 09, 2009 at 11:56:30AM -0800, Douglas Otis wrote:
The proposed errata use of the word opaque to describe the d= value,
in addition to the i= value offers _no_ additional clarity.
Given something like this:
d=good.rep.example.net or
d=bad.rep.example.net
do not assume that those identifiers mean "good" and "bad". Good and
bad could be the names of two different companies. A signer could sign
like this instead:
d=53302.rep.example.net or
d=9999.rep.example.net
and this would enforce to the verifier that no meaning should be placed
on what d= contains.
d= is just an identfier that is used to look up the public key
Jeff,
It a DNS DOMAIN and a DNS DOMAIN is a well defined entity. And this d=
DNS DOMAIN must match the 2822 (DNS) Domain. It is well forth,
bloody, scared specific 1st PARTY only signing requirement. It does
not lack clarity. It is not obtuse, it is not "hard to understand or
explain," nor is it unintelligible, and it is certainly not opaque.
--
Sincerely
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html