Meng Weng Wong wrote:
> As cryptographic schemes gain popularity, we may want to add
> "domainkeys:xxx" or "pgp" or "smime" mechanisms.
Assume a cryptographic scheme for signing pre-DATA ESMTP commands
is defined. Would the scheme not contain its own semantics for
when to reject based on it?
Interoperability with future schemes means defining clear boundaries.
SPF establishes a precedent for, "keep your sender authentication
information in TXT records under the name of the sending domain."
Maybe Scheme S would follow this convention too, and example.net
might wind up with a TXT record like so:
    spfv=1 mx =all schemesv=1 GPG
or maybe
    schemeSv=1 GPG endschemeS spfv=1 mx =all
Is that extensibility of SPF? "spf parsers stop after -all" means that
more text can be interpreted by other systems.
Maybe we don't want extensibility but just security that SPF will play
nice with future systems that do similar things.
--
davidnicol(_at_)pay2send(_dot_)com
"There's a fine line between participation and mockery" -- Scott Adams