[dkim-ops] Two-part DNS again

Murray S. Kucherawy msk at sendmail.com
Thu Nov 6 10:09:13 PST 2008

John Levine wrote:
> I didn't see any responses to my note suggesting that DKIM verifiers
> appear to have trouble when a DNS TXT record consists of more than
> one chunk of text.  I figure I should do some experiements, but to
> avoid duplication, is anyone, anywhere, aware of any DKIM tests that
> looked at this issue, ever?
> I get the impression the answer is no, you get whatever the local DNS
> library gives you.

I've never seen TXT fragmentation done by the DNS at its discretion.  
It's always based on fragmentation in the zone file, i.e. what the user 
did.  Invalid fragmentation (i.e. fragments over 255 bytes) has caused 
the zone to fail to load altogether, though often with a cryptic error 
message in the log.  So I'm not sure it's at all implementation-specific.

What's the goal of the experiment?

More information about the dkim-ops mailing list