On Mar 29, 2005, at 9:57 PM, Dave Crocker wrote:
OTOH, could DNS scaling issues possibly be lurking nearby?
a number of folks keep raising this concern, but no one has yet
produced a serious analysis that says the problem is serious.
Actually, there have been. See the DNS choices and assumptions drafts.
which draft? which part of it? an analysis of the impact of a
domainkeys-like use of DNS?
note that the signer can use any number of sub-domains and therefore
split the
query traffic. this is yet-another benefit of having the signing ID be
separated from From and Sender.
Query load is only one aspect. Truncation and cache bloat are others.
Eric Hall did a pretty good analysis of cache bloat with regard to Caller-
ID during the MARID days.
citation?
are we certain that the behaviors for domainkeys will match the behavior cited
in that analysis?
it is probably worth distinguishing between a) behaviors that will cause
problems with typical, current implementations, versus b) behaviors that cause
problems inherently due to the design of the DNS. Caching problems well might
be alleviated by different implementation schemes and/or different key/name
administration.
d/
---
Dave Crocker
Brandenburg InternetWorking
+1.408.246.8253
dcrocker a t ...
WE'VE MOVED to: www.bbiw.net