Folks,

I know section 3.6.2.1 has this informative note:

    INFORMATIVE OPERATIONAL NOTE: Wildcard DNS records (e.g.,
    *.bar._domainkey.example.com) do not make sense in this context
    and should not be used. Note also that wildcards within domains
    (e.g., s._domainkey.*.example.com) are not supported by the DNS.

But I think the section may need information about working with
multiple or existing TXT records, i.e. SPF and the possibility that
there could be a wildcard for other TXT records and this can provide a
lookup error for DKIM public key records.

This is just to jump start suggested text. Others can add/change
whatever they think helps:

    The DKIM public key TXT record MUST NOT be mixed or merged
    with other TXT records, i.e. SPF. In addition, make sure other
    TXT records with Wildcards do not conflict with DKIM public
    key lookups.

Background reason:

Today we got our 3rd field tester who ran into mixed up TXT records.
All of them manage their DNS setup with ISP web-based DNS managers for
their small business but they are not DNS administrators.

They did not understand how the DKIM public key TXT record is separate
from other TXT records, like SPF.

Two of them merged it with their existing SPF record and one of them
had a wildcard SPF setup and this was always the result of DKIM public
key lookups. When informed of this, he removed the wildcard setup for
SPF but he merged his DKIM public key with his SPF record.

My proposal is to add more informative notes to help minimize this for
the systems with the lack of DNS admin expertise on board. In
particular for those who currently have one existing need for a TXT
record, and that is SPF, and incorrectly believe that since it's a TXT
record, adding the DKIM public key data to it will work.

Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
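
The three outcomes described in the message above (a clean key record, an SPF answer coming back for the key lookup, and a key merged into an SPF record) can be told apart from the TXT strings a `<selector>._domainkey.<domain>` query returns. This is an added example, not part of the original message or of any DKIM implementation; the function names and the sample TXT strings are constructed for illustration.

```python
import re

def parse_tags(txt):
    """Parse a DKIM tag=value list into a dict; return None if malformed."""
    tags = {}
    for part in txt.split(";"):
        part = part.strip()
        if not part:
            continue
        name, sep, value = part.partition("=")
        name = name.strip()
        if not sep or not re.fullmatch(r"[A-Za-z][A-Za-z0-9_]*", name) or name in tags:
            return None
        tags[name] = re.sub(r"\s+", "", value)  # folding whitespace is not significant
    return tags

def classify(txt):
    """Classify one TXT string returned for <selector>._domainkey.<domain>."""
    has_spf = re.search(r"(^|[;\s])v=spf1(\s|$)", txt, re.I) is not None
    has_key = re.search(r"(^|[;\s])p=", txt) is not None
    if has_spf and has_key:
        return "merged"          # key data pasted into an SPF record
    if has_spf:
        return "spf"             # SPF answer, e.g. synthesized from a wildcard TXT
    tags = parse_tags(txt)
    if tags is None or "p" not in tags or tags.get("v", "DKIM1") != "DKIM1":
        return "invalid"
    return "dkim-key"

def diagnose(answers):
    """Summarize the whole TXT answer set for one DKIM key lookup."""
    kinds = [classify(a) for a in answers]
    if not kinds:
        return "no-record"
    if "merged" in kinds:
        return "merged-with-spf"
    if "dkim-key" not in kinds:
        return "spf-only" if "spf" in kinds else "no-key"
    return "ok" if len(kinds) == 1 else "multiple-txt"

if __name__ == "__main__":
    key = "v=DKIM1; k=rsa; p=MIGfCONSTRUCTEDSAMPLE=="  # constructed, not a real key
    spf = "v=spf1 mx -all"                             # constructed SPF record
    for answers in ([key], [spf], [spf + "; " + key], [spf, key]):
        print(diagnose(answers), answers)
```
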