I believe the context for your earlier comments that I responded to was the
discussion about deprecating i= and/or adding a new st= tag. I hope my
comments were not interpreted as supporting either of those changes. That was
not my intention.
On Apr 4, 2011, at 10:47 AM, John R. Levine wrote:
I think it would be a fine idea to come up with tools to help maintain the
necessary DNS records.
Agreed. But probably out-of-scope for this WG, yes? MAAWG, OTA, BITS, APWG,
etc. seem like better fora for this kind of deployment support.
In the small scale at least, I can report that
it's very simple and my monthly DKIM key rotation is completely automated.
Large organizations have larger issues,
Indeed, and those differences are not to be underestimated. I've been
surprised to hear from other deployers just how hard this for them to
operationalize at scale. These are folks who generally don't participate in
IETF so we don't see a lot of first-hand reports on this mail list (at least I
haven't).
but the right thing to do is to
help to deal with the problem.
... and the root cause of the problem, which just might be a missed opportunity
to optimize something in the spec itself.
I was only chiming in for the sake of keeping our tone open to specification
changes based on real world deployment challenges (at least for the remaining
duration of this WG). But here's where I agree with John: we haven't seen any
deployment challenges documented in an actionable way that would suggest
specification changes. There's a lot of anecdotal evidence (like what I share
above ;-) but not much actionable detail.
-- Brett
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html