ietf-mxcomp
[Top] [All Lists]

Re: Benefits/costs of authorizing different identities

2004-04-02 22:01:23

On Fri, Apr 02, 2004 at 07:00:57PM -0800, John Gardiner Myers wrote:

They are unauthorized per the explicit policy advertisement made by the 
domain holder.  The MTA sending mail with the identity is not on that 
domain's list of authorized servers.


Assumptions I see in this discussion, and others:

1)  The domain holder (i.e., the entity that desired and paid for the
domain) will have the ability to introduce and alter TXT RRs.

2)  The entity causing email to be sent will have the ability to change
the settings on the MUA being used, if necessary.

3)  The MUA being used will support suggested use changes (e.g., using
SMTP AUTH).


#2 and #3 are more limited scenarios, but #1 is, I believe, somewhat
more widespread:  The domain holder is not typically the one responsible
for the maintenance of the authoritative server advertising the domain,
nor is she typically the one with the ability to add/modify records
beyond RR's like A, MX, NS, and to a lesser extent, CNAME.

The point I'm getting at in that statement is this:  The choice to add
TXT (or other less-common) RR's to a zone file may be as likely to be
that of the hosting service than the domain holder.  Likewise, the
content of those RR's may well be decided by the hosting service (though
I hold up EasyDNS's recent introduction of SPF TXT RR's as a shining
counter-example:  http://support.easydns.com/tutorials/spf/ ).

It would be helpful to have data on how common the registrant/
administrative/technical contact split is with hosting services, and
how much/little freedom is given to the registrant to effect
changes/additions to the zone file.

-- 
Mark C. Langston                                    Sr. Unix SysAdmin
mark(_at_)bitshift(_dot_)org                                       
mark(_at_)seti(_dot_)org
Systems & Network Admin                                SETI Institute
http://bitshift.org                               http://www.seti.org