On Tue, 9 Aug 2005, Hallam-Baker, Phillip wrote:
> > > ...
> > > It starts off by populating the key values as wildcards:
> > > *.keya._domainkey.example.com TXT "v=aaaaaaaa"
> > > *.keyb._domainkey.example.com TXT "v=bbbbbbbb"
> > > etc
> > > ...
> > > This mechanism does not require an excessive number of public key
> > > entries. It does enforce a per message lookup but that is inevitable in
> > > a scheme of this type.
> >
> > If I remember right, DNS caching is done on a per-query basis, which means
> > the above will result in the public key being duplicated/triplicated/etc. in
> > every local DNS cache (in fact for every message rather than for every
> > user); this would be extremely bad for DNS.
>
> There is a caching implication here of course, but we are talking about
> wildcard lookups here and DNS is already designed to deal with them and
> avoid bad caching.

No, it does not. At least not with many (majority?) of deployed DNS
caching servers.
--
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net
_______________________________________________
ietf-dkim mailing list
ietf-dkim(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/ietf-dkim
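The caching behaviour argued about in this thread, as an added example that is not part of the original messages or of any DKIM implementation. A resolver caches an answer under the name it asked for; when the answer was synthesized from a wildcard record, the resolver is not told so and cannot reuse it for a sibling name, so every distinct query name under `*.keya._domainkey.example.com` becomes its own cache entry holding a copy of the same key data. The zone below reuses the two wildcard TXT records from the thread plus one constructed explicit name; the per-message and per-user selector labels (`u0m3`, `u0`) are hypothetical, and the wildcard matching follows the RFC 4592 closest-encloser rule in simplified form.

```python
"""Toy model of DNS wildcard synthesis and per-query-name caching (constructed example)."""

TTL = 3600

# Constructed zone: the two wildcard records from the thread plus one explicit
# name, which must take precedence over the wildcard for its own subtree.
ZONE = {
    "*.keya._domainkey.example.com": "v=aaaaaaaa",
    "*.keyb._domainkey.example.com": "v=bbbbbbbb",
    "fixed.keya._domainkey.example.com": "v=fixedfixed",
}


def _ancestors(name):
    """Proper ancestors of a name, nearest first: a.b.c -> [b.c, c]."""
    labels = name.split(".")
    return [".".join(labels[i:]) for i in range(1, len(labels))]


def _existing_names(zone):
    """Every owner name plus its ancestors (empty non-terminals exist too)."""
    names = set()
    for owner in zone:
        names.add(owner)
        names.update(_ancestors(owner))
    return names


def synthesize(zone, qname):
    """Answer qname from the zone. Returns (data, source_owner); (None, None) means
    no data. Exact names win; otherwise a wildcard at the closest encloser applies."""
    if qname in zone:
        return zone[qname], qname
    existing = _existing_names(zone)
    for anc in _ancestors(qname):          # closest encloser = longest existing ancestor
        if anc in existing:
            wildcard = "*." + anc
            if wildcard in zone:
                return zone[wildcard], wildcard
            return None, None
    return None, None


class Resolver:
    """Caching resolver. Entries are keyed by the *query* name: the resolver never
    learns that an answer came from a wildcard, so it cannot share it."""

    def __init__(self, zone):
        self.zone = zone
        self.cache = {}            # (qname, qtype) -> (data, expires_at)
        self.upstream_queries = 0

    def lookup(self, qname, qtype="TXT", now=0):
        key = (qname, qtype)
        hit = self.cache.get(key)
        if hit is not None and hit[1] > now:
            return hit[0]
        self.upstream_queries += 1
        data, _source = synthesize(self.zone, qname)
        self.cache[key] = (data, now + TTL)   # negative answers are cached too
        return data


def cache_copies(resolver, data):
    """Number of cache entries that hold the same record data."""
    return sum(1 for (d, _exp) in resolver.cache.values() if d == data)


def cache_growth(n_users, msgs_per_user, per_message):
    """Cache entries created when the selector label is minted per message
    (hypothetical u<user>m<msg>) versus once per user (hypothetical u<user>)."""
    r = Resolver(ZONE)
    for u in range(n_users):
        for m in range(msgs_per_user):
            label = f"u{u}m{m}" if per_message else f"u{u}"
            r.lookup(f"{label}.keya._domainkey.example.com")
    return len(r.cache)


if __name__ == "__main__":
    r = Resolver(ZONE)
    for i in range(100):
        r.lookup(f"msg{i}.keya._domainkey.example.com")
    print("zone records:", len(ZONE), "cache entries:", len(r.cache),
          "copies of v=aaaaaaaa:", cache_copies(r, "v=aaaaaaaa"))
    print("per-message selectors:", cache_growth(10, 5, True),
          "per-user selectors:", cache_growth(10, 5, False))
```

The `cache_growth` call is the point of contention in the thread in numbers: ten users sending five messages each create ten cache entries when the label is per user and fifty when it is per message, every one of them a copy of the same wildcard key data, and each one a separate upstream query on first sight.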