[ietf-dkim] dkim-base: _domainkey vs _dkim
Michael Thomas
mike at mtcc.com
Wed Apr 26 06:24:09 PDT 2006
Hector Santos wrote:
>The document refers to both _domainkey vs. _dkim subdomains to DNS DKIM
>records:
>
>| 3.6.2.1 Name Space
>|
>| All DKIM keys are stored in a subdomain named ""_domainkey"". Given
>| a DKIM-Signature field with a "d=" tag of ""example.com"" and an "s="
>| tag of ""sample"", the DNS query will be for
>| ""sample._domainkey.example.com"".
>
>and
>
>| A.3 The email signature is verified
>|
>| The signature is normally verified by an inbound SMTP server or
>| possibly the final delivery agent. However, intervening MTAs can
>| also perform this verification if they choose to do so. The
>| verification process uses the domain "example.com" extracted from the
>| "d=" tag and the selector "brisbane" from the "s=" tag in the "DKIM-
>| Signature" header field to form the DNS DKIM query for:
>|
>| brisbane._dkim.example.com
>
>How is this going to be handled? Most testing domains are using _domainkey
>or is _dkim targeted for a binary RR?
>
>
This is just a typo. A.3 should be _domainkey as well.
Mike
More information about the ietf-dkim
mailing list