On Tue, Oct 07, 2003 at 03:36:45PM -0500, Dustin Trammell wrote:
> But what if the URL referenced in the TXT record is currently
> unavailable? A better solution might be to use the DNS security
> extensions, which provide a mechanism for key distribution, or put the
> key IN the TXT record, rather than a URL.
> Ref: http://www.faqs.org/rfcs/rfc2535.html

Thanks for the link! (Wow, it's a really long RFC!)

I'm not picky about how the public keys are distributed. I
chose an URL because:

* I was not sure the public key would fit in a DNS response.
  (I was/am under the impression that (UDP?) DNS data is limited to 512
  bytes. It is very possible that I am wrong about this. Maybe TCP DNS
  is the way to go.)
* Even if one public key could fit in a DNS record, what if an
  MTA uses multiple key pairs? Would they all fit in DNS?

Does anyone know how many bytes can be delivered in a TXT
record?

-Matthew.
______________________________________________________________________
matthew(_at_)syrah(_dot_)us