ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Last Call: 'DomainKeys Identified Mail (DKIM) Signatures' to Proposed Standard (draft-ietf-dkim-base)

2006-11-19 12:02:22
from [Patrik Fältström] [Permanent Link] 

On 19 nov 2006, at 04.37, Cullen Jennings wrote:


On Nov 14, 2006, at 11:03 AM, Paul Hoffman wrote:


At 4:17 PM +0100 11/14/06, Joe Abley wrote:
For the benefit of those who do not follow dnsext closely, what friction do you expect?
As Eric stated in his message, we should not rehash old arguments. This has been beaten to death on the DKIM WG mailing list. As expected, different people had different (and, in this case, strongly-held) views, but consensus was reached and agreed to by the AD and with the DNS folks.
To avoid repeating this debate, can someone post some summary information on this particularly including which exact people came to consensus about this. I'm particularly interested in if the consensus included the contributors to draft-iab-dns-choices since that has been raised in LC comments.
The draft-iab-dns-choices document, that I am one of the editors of, is waiting for the draft-ietf-dnsext-2929bis document that specifies a more clear process (and easier) for new RR types.
I have personally told everyone that ask, including the DKIM people, that the best solution is to create a new triple {owner, class, type} as specified in the choices document, so the RRSet returned as response to a DNS query is containing the records one want, and as small number of non interesting records as possible.
My personal, most personal, view is that creation of a new RR, and use of a new RR, is easier than many people think.
The creation of a subdomain in the case of DKIM do make a new triple, and make the deployment easier, as the subdomain that the DKIM related data is stored in can be delegated and managed by the mail administrators of the main domain, while the main zone is managed by the DNS people. So, I think the creation of the subdomain is a good choice regardless of whether a new RR type is created or not. At the same time, that subdomain most certainly will contain non DKIM related data as well, for example data related to DNSSEC. 

But, as you ask:
I was part of the discussion in the DKIM wg, and I do accept the rough consensus was to move forward with reuse of an existing RR Type (TXT). 

Note that the draft say:


3.6.2.2  Resource Record Types for Key Storage

   The DNS Resource Record type used is specified by an option to the
   query-type ("q=") tag.  The only option defined in this base
   specification is "txt", indicating the use of a TXT Resource Record
(RR). A later extension of this standard may define another RR type.
I do not see any need for reopening this question again. DKIM need this document, NOW!
But, I personally do hope someone will create a new RR Type definition for DKIM some day in the future. 

    Patrik

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [ietf-dkim] Re: Last Call: 'DomainKeys Identified Mail (DKIM)Signatures' to Proposed Standard (draft-ietf-dkim-base), Hallam-Baker, Phillip
Next by Date:  RE: Last Call: 'Guidance for AAA Key Management' to BCP (draft-housley-aaa-key-mgmt), Alper Yegin
Previous by Thread:  [ietf-dkim] Re: Last Call: 'DomainKeys Identified Mail (DKIM) Signatures' to Proposed Standard (draft-ietf-dkim-base), Cullen Jennings
Next by Thread:  [ietf-dkim] Re: Last Call: 'DomainKeys Identified Mail (DKIM) Signatures' to Proposed Standard (draft-ietf-dkim-base), Tony Hansen
Indexes:  [Date] [Thread] [Top] [All Lists]