On Wed, Mar 11, 2009 at 3:33 PM, Steve Atkins
<steve(_at_)wordtothewise(_dot_)com> wrote:
> Did we already look at this idea and discard it before we settled on
> using a DNS query for every email received?

Discussed, not discarded. AFAIR, the general feeling is that
lookups are cheap today.

Essentially such an approach is asking every MX target with more than
one system to invent some way of distributing the knowledge it
discovers on an inbound, signed message.

You also have to invent mechanisms to deal with corner cases and
timing windows, such as when one MX target receives a "we don't sign
all anymore" and another MX target for the same domain almost
immediately receives an unsigned email from that domain. Or what if
you use your ISP as a secondary MX and the "state changing emails"
happened to be queued up there for a while?

I also don't see how it changes anything from a functional POV. If
ADSP is carried in the signature vs carried in a DNS record, it would
presumably invoke the same level of WG discussion over semantics and
purpose.

Given the highly cacheable nature of ADSP information and the fact
that we're already querying the DNS for key information, it's unclear
what the big benefit would be in moving this in-band.

Mark.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
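
The timing window described in the message above can be modelled in a few lines. This is an added illustration, not code from the thread or from any DKIM implementation: the in-band learning mechanism (`InBandMx`), the 300-second TTL and the verdict labels are assumptions made for the sketch; `all` and `unknown` are the ADSP `dkim=` values.

```python
from dataclasses import dataclass

def verdict(policy, signed):
    # Constructed labels: unsigned mail from a "signs all" domain is flagged.
    return "suspicious" if policy == "all" and not signed else "accept"

@dataclass
class InBandMx:
    """Hypothetical MX host that learns policy only from signed mail it receives."""
    learned: str = "unknown"
    def receive(self, signed, advertised=None):
        if signed and advertised:          # trust policy only from a signed message
            self.learned = advertised
        return verdict(self.learned, signed)

@dataclass
class Dns:
    """Authoritative ADSP record for the sending domain."""
    policy: str = "all"

@dataclass
class CachingResolver:
    """Per-MX resolver cache; entries expire after ttl seconds."""
    dns: Dns
    ttl: int = 300
    cached: str = ""
    expires: int = -1
    def adsp(self, now):
        if now >= self.expires:
            self.cached, self.expires = self.dns.policy, now + self.ttl
        return self.cached

def simulate():
    # In-band: both hosts learn "all", then only mx1 sees the policy change.
    mx1, mx2 = InBandMx(), InBandMx()
    mx1.receive(True, "all"); mx2.receive(True, "all")
    mx1.receive(True, "unknown")           # "we don't sign all anymore"
    inband = (mx1.receive(False), mx2.receive(False))
    # DNS: both hosts cache "all" at t=0, the record changes, caches expire.
    dns = Dns("all")
    r1, r2 = CachingResolver(dns), CachingResolver(dns)
    r1.adsp(0); r2.adsp(0)
    dns.policy = "unknown"
    stale = tuple(verdict(r.adsp(100), False) for r in (r1, r2))
    fresh = tuple(verdict(r.adsp(300), False) for r in (r1, r2))
    return inband, stale, fresh

if __name__ == "__main__":
    print(simulate())
```

With in-band state the two hosts disagree until the second one happens to receive a signed message; with the DNS record both are wrong for at most one TTL and then converge without any host-to-host distribution.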