On Oct 15, 2010, at 10:58 AM, Barry Leiba wrote:
On Fri, Oct 15, 2010 at 1:27 PM, Hector Santos <hsantos(_at_)isdg(_dot_)net>
wrote:
Murray S. Kucherawy wrote:
I appreciate the desire to put more information in there to help, but
we really can't be writing a tutorial on managing DNS records.
+1. However, I'd be fine with adding some informative guidance to DKIM
implementers reflecting current experience, something like: "The use of
wildcard TXT records in the DNS often result in something coming back
from a query that isn't a valid DKIM key record (and ADSP will encounter
the same thing). Verifiers should expect this to occur and plan
accordingly."
Thank you Murray. Something small and sweet will be useful, and your
text is good enough.
Good; we have a start. Will others please indicate support (or not)
for adding this or similar text ?
I'm not sure whether wildcard records is relevant to the spec - that's
more of a "development, deployment and operations" issue, I think.
As a verifier implementor I'm not that interested in why someone is
publishing bogus key records as I am in what I should do about them
(fail if any are invalid, fail if there are multiple, check all of them and
pass if any are valid...) - what's an appropriate response from the
verifier in the case that the TXT records returned are unexpected.
So the existing wording is harmless, and I'd support adding it,
but something a little bit more prescriptive might be better.
Cheers,
Steve
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html