ietf-mailsig
[Top] [All Lists]

RE: SSP - policy location compatibility with DK

2005-08-01 20:18:28


On Mon, 1 Aug 2005, Hallam-Baker, Phillip wrote:

This is an area where the decision of the SPF group to co-opt the TXT
record for their exclusive use is a problem. A wildcarded SPF record
will also match prefixed records.

We really need an architecture for extending the DNS that is not
predicated on rolling out new RRs for each new extension.

There is nothing bad about rolling out new DNS RR. The bad is that
certain current dns proxies do not make it easy and refuse to
recognize or let them through to dns resolver that can recognize them. The bad is that to get around that people are taking over other RRs and in that way creating conflict. But this argument has played out in MARID to greater degree and I don't think we need full repeat of that.

BTW - obviously there is no way to support wildcards with _domainkey.
Something that implementors should be aware and so it should be
mentioned in the draft.

----
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net

<Prev in Thread] Current Thread [Next in Thread>