On Oct 25, 2010, at 8:11 AM, John R. Levine wrote:
hangText="NOTE:"> The use of wildcard TXT records in the
DNS will produce a response to a DKIM query that is
unlikely to be valid DKIM key record. This problem
applies to many other types of queries, and client
software that processes DNS responses needs to take this
problem into account.</t>
I haven't heard anything but support for adding that.
Forgive me if I repeat myself, but I still don't see anything wrong with this:
*._domainkey.example.com IN TXT "v=DKIM1; p=; n=revoked"
I'm trying to figure out the clearest way to say that wildcards for key
records within the _domainkey subtree are OK, while wildcards above it cause
problems since they are very unlikely to be key records.
Do you have an actual use case for that sort of thing, or is it just an example
to poke at the "thou shalt not wildcard" wording?
If the former, I've got a mild argument that it's slightly poor practice. If
the latter, carry on.
Cheers,
Steve
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html