John Levine wrote:
One of us should send in a separate technical erratum saying that DKIM
key records SHOULD be published only for SDID domains that have
corresponding MX or A records and can receive mail.
I believe your later posting on this retracted the suggestion, but this issue
strikes me as one that is very easy (and common) to misunderstand. So it's worth
emphasizing. Might be worth adding tidbits to the Deployment draft?
The d= domain name is permitted to have /no relationship/ to any mail-sending or
mail-receiving domain name. Hence, no A, MX, or possibly /any(!)/ DNS resource
records for the name.
There might prove to be some benefits in choosing to have the d= name match the
name used for other purposes, but the design of DKIM does not require it and
it's essential that signers retain the choice.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
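
Added example, not part of the original message: a sketch of the key lookup a DKIM verifier performs, showing that it consults only the TXT record at <s>._domainkey.<d> and never the A or MX records of the d= name. The zone contents, selector, domain names, and key value are constructed placeholders, and the function names are hypothetical.

```python
import re

def parse_tag_list(value):
    """Parse an RFC 6376 tag=value list (DKIM-Signature or key record) into a dict."""
    unfolded = re.sub(r"\r?\n[ \t]+", " ", value)   # undo header folding
    tags = {}
    for item in unfolded.split(";"):
        if "=" in item:
            name, val = item.split("=", 1)
            tags[name.strip()] = re.sub(r"\s+", "", val)  # drop whitespace inside values
    return tags

def key_query_name(sig):
    """DNS name the verifier queries: selector, the _domainkey label, then the SDID (d=)."""
    return f"{sig['s']}._domainkey.{sig['d']}".lower()

def fetch_key_record(zone, sig):
    """Return the parsed key record at the query name, or None if none is usable."""
    for txt in zone.get(key_query_name(sig), {}).get("TXT", []):
        rec = parse_tag_list(txt)
        if rec.get("v", "DKIM1") == "DKIM1" and "p" in rec:
            return rec
    return None

def sdid_has_mail_records(zone, sig):
    """True if the d= name itself carries A or MX records (not needed for verification)."""
    return bool({"A", "MX"} & set(zone.get(sig["d"].lower(), {})))

# Constructed zone: the SDID has a key record under _domainkey but no A/MX of its own.
ZONE = {
    "sel1._domainkey.signing.example.net": {"TXT": ["v=DKIM1; k=rsa; p=PLACEHOLDERKEY"]},
    "mail.example.com": {"MX": ["10 mx.example.com"], "A": ["192.0.2.10"]},
}

# Constructed signature header value (bh= and b= are placeholders, not real hashes).
SIG = parse_tag_list(
    "v=1; a=rsa-sha256; d=signing.example.net; s=sel1;\r\n"
    "\tc=relaxed/simple; h=from:to:subject;\r\n"
    "\tbh=PLACEHOLDER; b=PLACEHOLDER"
)

if __name__ == "__main__":
    print("query name:", key_query_name(SIG))
    print("key found:", fetch_key_record(ZONE, SIG) is not None)
    print("d= has A/MX:", sdid_has_mail_records(ZONE, SIG))
```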